Moderators: Elvis, DrVolin, Jeff
by Grizzly » Fri Nov 02, 2018 12:59 am
by Harvey » Fri Nov 02, 2018 11:19 am
by Grizzly » Fri Nov 02, 2018 12:57 pm
n 2013, hundreds of CIA officers — many working nonstop for weeks — scrambled to contain a disaster of global proportions: a compromise of the agency’s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.
“When this was going on, it was all that mattered,” said one former intelligence community official. The situation was “catastrophic,” said another former senior intelligence official.
From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired — despite warnings about what was happening — until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.
The disaster ensnared every corner of the national security bureaucracy — from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs — forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.
In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials can’t operate freely, such technical failures are an ever present danger and will only become more acute with time.
“When these types of compromises happen, it’s so dark and bad,” said one former official. “They can burrow in. It never really ends.”
A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. “You start thinking twice about people, from China to Russia to Iran to North Korea,” said the former official. The CIA was worried about its network “totally unwinding worldwide.”
Yahoo News’ reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious — even catastrophic — and will persist for years.
More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The government’s inability to address the communication system’s insecurities until after sources were rolled up in China was disastrous. “We’re still dealing with the fallout,” said one former national security official. “Dozens of people around the world were killed because of this.”
*****
One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility — part of Iran’s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.
The mole hunt wasn’t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran. “It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”
“Everyone was using it far beyond its intention,” said another former official.
The risks posed by the system appeared to have been overlooked in part because of it was easy to use, said the former intelligence officials. There is no foolproof way to communicate — especially with expediency and urgency — with sources in hostile environments like Iran and China, noted the former officials. But a sense of confidence in the system kept it in operation far longer than was safe or advisable, said former officials. The CIA’s directorate of science and technology, which is responsible for the secure communications system, “says, ‘our s***’s impregnable,’ but it’s obviously not,” said one former official.
By 2010, however, it appears that Iran had begun to identify CIA agents. And by 2011, Iranian authorities dismantled a CIA spy network in that country, said seven former U.S. intelligence officials. (Indeed, in May 2011, Iranian intelligence officials announced publicly that they had broken up a ring of 30 CIA spies; U.S. officials later confirmed the breach to ABC News, which also reported on a potential compromise to the communications system.)
Iran executed some of the CIA informants and imprisoned others in an intelligence setback that one of the former officials described as “incredibly damaging.” The CIA successfully exfiltrated some of its Iranian sources, said former officials.
The Iranian compromise led to significantly fewer CIA agents being killed than in China, according to former officials. Still, the events there hampered the CIA’s capacity to collect intelligence in Iran at a critical time, just as Tehran was forging ahead with its nuclear program.
U.S. authorities believe Iran probably unwound the CIA’s asset network analytically — meaning they deduced what Washington knew about Tehran’s own operations, then identified Iranians who held that information, and eventually zeroed in on possible sources. This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.
A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.
Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.
A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.
The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.
In fact, the Iranians used Google to identify the website the CIA was were using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.
According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.
U.S. intelligence officials were well aware of Iran’s formidable cyber-espionage capabilities. But they were flabbergasted that Iran managed to extirpate an entire CIA spy network using a technique that one official described as rudimentary — something found in basic how-to books.
But the events in Iran were not self-contained; they coincided roughly with a similar debacle in China in 2011 and 2012, where authorities rounded up and executed around 30 agents working for the U.S. (the New York Times first reported the extirpation of the CIA’s China sources in May 2017). Some U.S. intelligence officials also believe that former Beijing-based CIA officer Jerry Lee, who was charged with spying on behalf of the Chinese government in May 2018, was partially responsible for the destruction of the CIA’s China-based source network. But Lee’s betrayal does not explain the extent of the damage, or the rapidity with which Chinese intelligence was able to identify destroy the network, said former officials.
U.S. officials believe that Chinese intelligence obtained physical access to the transitional, or temporary, secret communications system used by the CIA to correspond with new, unvetted sources — and broke through the firewall separating it from the main covert communications system, compromising the CIA’s entire asset network in that country, Foreign Policy reported earlier this year.
It’s not clear whether China and Iran cooperated, but the former officials said the communications systems used in both countries were similar. The two governments may have broken the system independently. But Iranian, Chinese and Russian officials were engaged in senior-level communications on cyber issues around this time, recalled one former senior intelligence official —interactions that were “very suspicious in hindsight.”
The CIA declined to comment. The Iranian Mission to the UN did not respond to requests for comment.
Some U.S. intel officials took the interactions as an indicator of enhanced open coordination among these countries, and even a nascent alliance against the U.S. and its Five Eyes intelligence partners, this person said. (U.S. officials also believe Chinese officials subsequently shared information about its penetration of the secret CIA system with their Russian counterparts.)
“Our adversaries dramatically upped their game” in their offensive hacking operations, including those geared toward cracking the U.S. covert communications platforms, during this period, said another former senior intelligence official. This almost certainly included information sharing between these countries on U.S. covert communications techniques, said multiple former officials — the makings of a real-life “axis of evil.”
There were discrete signs of potential cooperation. Around the time of the purges of CIA informants in Iran and China, senior counter-espionage officials from China’s Ministry of State Security visited their counterparts in Tehran, said four former U.S. officials.
Some officials believe the two countries engaged in a trade — perhaps with Iran providing China with the technical information needed to pinpoint signs of online activity on the communications system, in exchange for military hardware, speculated one former official. “That’s the spy service way,” said another former official.
With dawning horror, U.S. officials realized that once Iranian or Chinese intelligence officials were able to pinpoint CIA assets within their own borders, they were almost certainly capable of zeroing in on similar digital signatures in other countries, former officials said.
Former officials said the fallout from the compromises was likely global in scope — potentially endangering all CIA sources that used some version of this internet-based system worldwide.
“You establish these networks that are obviously critical to our ability to really understand what our adversaries are up to — there’s a pride in that — and when something that valuable starts to fall apart, the concern is, ‘Are we developing a house of cards?’” said one former senior official. “A lot of bells went off” during this time, said this person, because “whatever methods and procedures we were using were in jeopardy because of what the Chinese and Iranians had determined. You find that you’re blind.”
These multiple, overlapping failures of the communication system created systemic problems for the agency. “There was a cascade of effects that flowed outward” from the initial breaches, said another former intelligence official. “Part of the problem was trying to figure out the second and third order of effects.”
Repairing this breach had to be approached with extraordinary delicacy because attempted fixes can expose sources. Iran or China could then target and flip those CIA sources, or use information about them as bargaining chips with other intelligence services, former officials said. Around this time, Iranian intelligence officials also began aggressively pitching CIA officers to become double agents —meaning that they had somehow identified agency personnel, potentially through this wider compromise, said one former intel official.
One country where the impact appears to have been contained is Russia. CIA officials who focus on Russia knew about the China ordeal and quickly adjusted their communications with sources accordingly, some of the former officials said. Aspects of the CIA’s Russia operations have historically been walled off from the rest of the agency, which likely helped minimize the damage. But the issue was so acute in the Middle East that the CIA was forced to suspend its use of internet-based covert communications systems there several times.
The problems were exacerbated by increasingly aggressive Iranian cyber-espionage. The Iranians “were very good tactically,” one former official said, and were adept at “breaking into low-level communications in the field, such as between Iraqi forces and their American counterparts.”
Starting around 2013, Iranian cyber experts seemed to be tracking CIA agents outside their own borders, including in Yemen, where Iran eventually compromised the internet-based covert communications system there, said one of the former officials. During this time, emergency meetings had to be scheduled at the agency because the Iranians had “hacked into systems outright that had nothing to do with them,” said this person — that is, those beyond Iran itself.
“Iran was aggressively going out to hunt systems down,” the former official said. “They weren’t just protecting themselves anymore.”
*****
As Iran was making fast inroads into the CIA’s covert communications system, back in Washington an internal complaint by a government contractor warning officials about precisely what was happening was winding its way through a Kafka-esque appeals system.
In 2008 — well before the Iranians had arrested any agents — a defense contractor named John Reidy, whose job it was to identify, contact and manage human sources for the CIA in Iran, had already sounded an alarm about a “massive intelligence failure” having to do with “communications” with sources. According to Reidy’s publicly available but heavily redacted whistleblower disclosure, by 2010 he said he was told that the “nightmare scenario” he had warned about regarding the secret communications platform had, in fact, occurred.
Reidy refused to discuss his case with Yahoo News. But two former government officials directly familiar with his disclosure and the investigation into the compromises in China and Iran tell Yahoo News that Reidy had identified the weaknesses — and early compromise — that eventually befell the entire the covert communications platform.
Reidy’s case was complicated. After he blew the whistle, he was moved off of his subcontract with SAIC, a Virginia company that works on government information technology products and support. According to the public disclosure, he contacted the CIA inspector general and congressional investigators about his employment status but was met with resistance, partially because whistleblower protections are complicated for federal contractors, and he remained employed.
Meanwhile, throughout 2010 and 2011, the compromise continued to spread, and Reidy provided details to investigators. But by November 2011, Reidy was fired because of what his superiors said were conflicts of interest, as Reidy maintained his own side business. Reidy believed the real reason was retaliation.
In his 2014 appeal to the intelligence community inspector general, first published by McClatchy News, Reidy describes the first signs of compromise in stunning detail — though it was unclear at the time, because of what was redacted, what issue he was addressing. “As our efforts increased, we started to notice anomalies in our operations … sources abruptly and without reason ceasing all communications with us,” he wrote.
Something, he realized, was deeply wrong with the agency’s human sources network. The “U.S. communications infrastructure was under siege,” he wrote. Reidy warned that the problem wasn’t limited to a single country — it extended to everywhere the CIA operates. Close to 70 percent of operations at the time were potentially compromised, he noted. In other words, an entire class of CIA agents — those using some iteration of the online system — was in danger. “CIA is aware of this,” he wrote. “The design and maintenance of the system is flawed.”
Reidy’s complaint wasn’t fully addressed for many years. But when the wide-scale arrest of sources in Iran happened, the CIA eventually launched an investigation. The deaths in China sent investigators into overdrive. Teams from the CIA, the FBI and the House Permanent Select Committee on Intelligence scrambled to try to figure out what had happened — and how to stem the damage.
“Can you imagine how different this whole story would’ve turned out if the CIA [inspector general] had acted on Reidy’s warnings instead of going after him?” said Kel McClanahan, Reidy’s attorney. “Can you imagine how different this whole story would’ve turned out if the congressional oversight committees had done oversight instead of taking CIA’s word that he was just a troublemaker?”
Irvin McCullough, a national security analyst with the Government Accountability Project, a nonprofit that works with whistleblowers, put the issue in even starker terms. “This is one of the most catastrophic intelligence failures since September 11th,” he said. “And the CIA punished the person who brought the problem to light.”
The roll-up of the CIA’s networks reignited debates within the U.S. intelligence community about the merits of high-tech versus low-tech methods of communicating with sources. Within some corners of the intelligence world, “there was widely held belief that technology was the solution to all communications problems,” according to one of the former officials. Proponents of older methods — such as chalk marks, burst communications, brush passes and one-time pads — were seen as “troglodytes,” said this official.
The failure of the communication system was discussed extensively in closed-door hearings at the House and Senate Intelligence committees, according to several former officials. “Some of the senators and congressman went nuts about this, and they should have,” one of them said.
A spokesperson for the Senate Intelligence Committee declined to comment. The House Intelligence Committee did not respond to requests for comments.
One of the central concerns among those familiar with the scope of the breakdown is the institutions responsible for it were never held accountable. Doing a comprehensive investigation isn’t easy, “but you have an absolute obligation to do that, because if you don’t, all you’re doing is rolling the dice with future lives,” said one former senior official.
Even several years after the breach, the concern within the intelligence community is accountability.
“When we continuously allow things like this to happen, and Congress doesn’t do anything, and the institutions don’t do anything, you’re going to have worse issues,” said another former official.
“People will say, ‘I went to the inspector general and it didn’t work; I went elsewhere and it didn’t work.’ People will see it as a game. It will lead to corruption, and it will lead to espionage. When people see that the system is corrupt, it affects everything.”
In the end, said the former official, “our biggest insider threat is our own institution.”
_____
There was in fact no nuclear weapons program in Iran, not even the US claimed there was
https://www.reuters.com/article/us-nucl ... 0W20090917
https://www.reuters.com/article/us-iran ... 0220080212
https://thinkprogress.org/panetta-iran- ... 1924b03c0/
https://www.reuters.com/article/us-nucl ... 4420090703
https://www.nytimes.com/2012/02/25/worl ... -bomb.html
U.S. military hackers have been given the go-ahead to gain access to Russian cybersystems as part of potential retaliation for any meddling in America’s elections.
by JackRiddler » Fri Nov 02, 2018 11:30 pm
by DrEvil » Sat Nov 03, 2018 5:10 am
by JackRiddler » Fri Nov 09, 2018 5:54 am
https://news.clearancejobs.com/2018/11/ ... on-system/
CIA Whistleblower Punished After Revealing Flaws in Intelligence Communication System
The lesson is that you can be right, but if you’re incapable of not pissing people off as you try to deal with the issue, you’re not likely to get far.
Government
Tom McCuin / Nov 5, 2018
0
There’s plenty in Friday’s Yahoo News story about the compromise of a CIA system used to communicate with human sources. The Yahoo story is “based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations.” That qualifies as “well-soured” in almost anyone’s book. Had it been one or two sources, you could say it was someone with an axe to grind. But eleven sources speaking on background, plus the lawyer for a whistleblower speaking on the record, adds up to a solid story.
The most explosive part of the story is the revelation that Iran unwrapped a CIA covert scheme for communicating with assets in sensitive areas. The compromise of the internet-based system is believed to have led to the arrest of as many as 30 Iranian assets—with some later executed—and the deaths of another 30 Chinese assets. The system was designed to communicate with human sources in war zones. But as the Yahoo piece said, it “was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran.”
From a distance, it’s easy to say that case officers got lazy and relied too heavily on a system designed to give assets in war zones a quick method of relaying intelligence. But given the difficulties in using traditional means of communication with agents—such as dead drops— in places like Tehran and Beijing, it’s equally easy to understand how they continued to use the system.
What seems to be unforgivable is that the CIA was told long before any compromises that the system was vulnerable. Had officials listened, it seems likely that the CIA may have avoided many of the “catastrophic” losses.
McClatchy obtained and published a redacted version of John Reidy’s 2014 whistleblower appeal in July 2015. Reidy worked on and with the communications system as a subcontractor to defense contracting giant SAIC between 2005 and 2009. According to this document, he was even directly handling communication with human intelligence sources. And he claims to have noticed problems with the communication system as early as 2006. Despite numerous attempts to convince his superiors at the CIA that the system was flawed, no one appears to have done anything.
THOSE FOLLOWING WHISTLEBLOWER PROCEDURES CORRECTLY SHOULD NOT FACE RETALIATION
Reidy’s appeal document is long and somewhat rambling. He warns of this up front, claiming that it is so because the CIA denied him the opportunity to seek the assistance of a lawyer with the requisite security clearance to see the facts of the case. He had to type his appeal in a SCIF, a secure compartmented information facility where the most sensitive secrets are processed, without the aid of an attorney to help him present his case most effectively.
He also seems to be a bit, shall we say, of a pain in the ass. The lesson is that you can be right, but if you’re incapable of not pissing people off as you try to deal with the issue, you’re not likely to get far.
But being a total pain in the ass seems justified when one looks at the magnitude of the issue. Reidy saw what could happen. He warned people what would happen if the problem wasn’t addressed. And his “nightmare scenario” came to be. Reidy believed his information could have prevented what Yahoo called, quite accurately, “a disaster of global proportions.”
One hopes that sooner rather than later, government managers and contracting officer representatives reach the conclusion that when a person is following whistleblower procedures to the letter (as it appears Reidy has done), that they simply cannot retaliate against that person with impunity. I will not hold my breath waiting for that to happen. What I will do, is continue to highlight ways the government is abusing those who follow the rules to save lives and money.
More: cia, cybersecurity, daily brief, security clearance law, whistleblower
Tom McCuin is a strategic communication consultant and retired Army Reserve Civil Affairs and Public Affairs officer whose career includes serving with the Malaysian Battle Group in Bosnia, two tours in Afghanistan, and three years in the Office of the Chief of Public Affairs in the Pentagon. When he’s not devouring political news, he enjoys sailboat racing and umpiring Little League games (except the ones his son plays in) in Alexandria, Va. Follow him on Twitter at @tommccuin
by Harvey » Sat Oct 01, 2022 10:46 pm
https://www.theguardian.com/world/2022/sep/18/mahsa-amini-dozens-injured-in-iran-protests-after-death-in-custody
https://www.nytimes.com/2022/09/20/worl ... amini.html
https://www.washingtonpost.com/world/20 ... b-protest/
https://www.rt.com/news/563230-iran-pro ... 3890181433
https://edition.cnn.com/2022/09/20/midd ... ndex.html/
https://www.euronews.com/2022/09/22/mah ... police-cus
https://www.presstv.ir/Detail/2022/09/2 ... ahsa-Amini
https://www.foxnews.com/world/irans-mor ... g-protests
https://www.aljazeera.com/news/2022/9/24/musk-says-activating-starlink-in-response-to-blinken-on-internet
Elon Musk greenlit to activate Starlink internet for Iranians
Legal guidance by the American government on expanding internet services to Iranians was changed despite US sanctions
24 Sep 2022
SpaceX CEO Elon Musk has been given the green light by the United States government to activate the satellite internet service Starlink to help Iranians protesting against the death of a woman in police custody.
Access to social media and some content is tightly restricted in Iran and significant internet outages were reported across the country on Saturday, with one of the biggest mobile phone operators disrupted, leaving millions of Iranians offline.
The US Treasury Department on Friday issued guidance expanding internet services available to Iranians despite US sanctions on the country.
The move follows deadly protests around Iran following the death of Mahsa Amini, a 22-year-old woman who died after being detained by “morality police” who questioned the way she was wearing her headscarf.
Hundreds of angry demonstrators have been arrested with crowds taking to the streets of major cities across Iran for eight straight nights. State television said the number of deaths in “recent riots” had risen to 35, up from 17 previously, including at least five security personnel.
We took action today to advance Internet freedom and the free flow of information for the Iranian people, issuing a General License to provide them greater access to digital communications to counter the Iranian government’s censorship.
— Secretary Antony Blinken (@SecBlinken) September 23, 2022
A US State Department spokesperson said the updated licence was self-executing and “anyone who meets the criteria outlined in this general license can proceed with their activities without requesting additional permissions”.
Musk could not be reached for comment or clarification regarding Starlink’s clearance to operate in Iran.
However, he said on Monday the company wanted to provide the Starlink satellite broadband service – already provided to Ukraine for its fight against Russia’s invasion – to Iranians and would ask for a sanctions exception.
Iran has curbed access to social media networks Instagram and WhatsApp amid the protests, according to residents and internet watchdog NetBlocks.
Azadeh Akbari, from the University of Twente, said the digital shutdown in Iran is “a continuation of decades of internet filtering by the Iranian government”.
She gave examples of “keyboard filtering” and the arrest of journalists as a means of cracking down on access.
Akbari added with the shutdown of global cyberspace in Iran it would be increasingly “difficult and dangerous” for members of the public to access safe messenger apps and use methods to get around the blocks.
Speaking from Capetown, South Africa, mobile video journalism publisher Yusuf Omar said the Iranian government’s attempts to limit internet access is a form of “government censorship” as well as “self-censorship” of the population.
“People we are getting in touch with stories even if they do have access to the internet for a couple of hours and want to send a video out. They are really afraid,” Omar told Al Jazeera.
President Ebrahim Raisi said on Saturday that Iran must “deal decisively with those who oppose the country’s security and tranquility”, Iranian state media reported.
Raisi’s comments were made in a condolence telephone call to the family of a security agent stabbed to death last week, allegedly by protesters enraged over the death of Amini.
https://thecradle.co/Article/Analysis/16372
Decoding the Pentagon’s online war against Iran
From a click of a button in the US to violence on the streets of Tehran, the latest protests in Iran are being engineered and provoked from outside
By Kit Klarenberg
October 01 2022
The civil unrest in Iran in response to the recent death of 22-year-old Mahsa Amini while she was waiting at a Tehran police station, although rooted in legitimate grievances, also bears the hallmark of a western-sponsored covert war, covering multiple fronts.
Mere days after the protests erupted on 16 September, the Washington Post revealed that the Pentagon had initiated a wide-ranging audit of all its online psyops efforts, after a number of bot and troll accounts operated by its Central Command (CENTCOM) division – which covers all US military actions in West Asia, North Africa and South and Central Asia – were exposed, and subsequently banned by major social networks and online spaces.
The accounts were busted in a joint investigation carried out by social media research firm Graphika, and the Stanford Internet Observatory, which evaluated “five years of pro-Western covert influence operations.”
Published in late August, it attracted minimal English-language press coverage at the time, but evidently was noticed, raising concerns at the highest levels of the US government, prompting the audit.
While the Washington Post ludicrously suggested the government’s umbrage stemmed from CENTCOM’s egregious, manipulative activities which could compromise US “values” and its “moral high ground,” it is abundantly clear that the real problem was CENTCOM being exposed.
#OpIran
CENTCOM’s geographical purview includes Iran, and given the Islamic Republic’s longstanding status as a key US enemy state, it’s perhaps unsurprising that a significant proportion of the unit’s online disinformation and psychological warfare efforts were directed there.
A key strategy employed by US military psyops specialists is the creation of multiple sham media outlets publishing content in Farsi. Numerous online channels were maintained for these platforms, spanning Twitter, Facebook, Instagram, YouTube and even Telegram.
In some cases too, fake journalists and pundits, with numerous “followers” on those platforms emerged, along with profile photos created via artificial intelligence.
For example, Fahim News claimed to provide “accurate news and information” on events in Iran, prominently publishing posts declaring “the regime uses all of its efforts to censor and filter the internet,” and encouraging readers to stick to online sources as a result.
Meanwhile, Dariche News claimed to be an “independent website unaffiliated with any group or organization,” committed to providing “uncensored and unbiased news” to Iranians within and without the country, in particular information on “the destructive role of the Islamic Revolutionary Guard Corps in all the affairs and issues of Iran and the region.”
Their respective YouTube channels pumped out numerous short-form videos, presumably in the hope they would be mistaken for organic content, and go viral on other social networks. The researchers identified one instance in which media outlets elsewhere had embedded Dariche News content into articles.
An army of bots and trolls
Some of the fake news organizations published original material, but much of their output was recycled content from US government-funded propaganda outfits such as Radio Farda and Voice of America Farsi.
They also repurposed and shared articles from the British-based Iran International, which appears to receive arm’s length funding from Saudi Arabia, as did several fake personas attached to these outlets.
These personas frequently posted non-political content, including Iranian poetry and photos of Persian food, in order to increase their authenticity. They also engaged with real Iranians on Twitter, often joking with them about internet memes.
Pentagon bots and trolls used different narrative techniques and approaches in an attempt to influence perceptions and engender engagement. A handful promoted “hardliner” views, criticizing the Iranian government for insufficiently hawkish foreign policy while being excessively reformist and liberal domestically.
One such bogus user, a purported “political science expert,” accrued thousands of followers on Twitter and Telegram by posting content praising Shia Islam’s growing power in West Asia, while other “hardliner” accounts praised the late General Qassem Soleimani of the Islamic Revolutionary Guard Corps (IRGC), slain in an illegal US drone strike in January 2020, as a martyr, and encouraged the wearing of hijabs.
The researchers state the purpose of these efforts was unclear, although an obvious explanation is the Pentagon sought to foster anti-government discontent among conservative Iranians, while creating lists of local “extremists” to monitor online.
Orchestrated opposition
Overwhelmingly though, Pentagon-linked accounts were viciously critical of the Iranian government, and the IRGC. Numerous Pentagon bots and trolls sought to blame food and medicine shortages on the latter, which was likened to ISIS, and posting videos of Iranians protesting and looting supermarkets captioned in Pashto, English, and Urdu.
More sober posts criticized Tehran for redistributing much-needed food to give to Lebanon’s Hezbollah movement, while others highlighted embarrassing incidents, such as a reported power outage that caused the country’s chess team to lose an international online tournament.
Furthermore, multiple fake users claimed to seek “justice for the victims of #Flight752”, referring to the Ukraine International Airlines flight accidentally shot down by the IRGC in January 2020.
Using hashtags such as #PS752 and #PS752justice hundreds of times, they blamed Iranian Supreme Leader Ali Khamenei personally for the incident.
Following the outbreak of war in Ukraine in February, these accounts used Persian versions of widely-trending hashtags #No_To_Putin and #No_To_War – themselves overwhelmingly disseminated on Twitter by pro-Ukraine bot and troll accounts, according to separate research.
The users condemned Khamenei’s verbal support of Putin and accused Iran of supplying drones to Moscow, which it was claimed were used to kill civilians.
They also pushed the narrative that Iran’s collusion with Russia would result in adverse political and economic repercussions for Tehran, while making unflattering comparisons between Khamenei and Ukrainian President Volodymyr Zelensky.
“One has sold Iran to Russia and ordered their peoples’ murder,” one account tweeted. “The other is wearing a combat uniform alongside his people and has stopped the colonization of Ukraine by Russia with all his might.”
Scattershot fury
There were also cloak-and-dagger initiatives intended to damage Iran’s standing in neighboring countries, and undermine its regional influence. Much of this work seems to have been concerned with spreading panic and alarm, and creating a hostile environment for Iranians abroad.
For instance, accounts targeting audiences in Afghanistan claimed that Quds Force personnel were infiltrating Kabul posing as journalists in order to crush opposition to the Taliban. They also published articles from a US military-linked website that claimed on the basis of zero evidence that the bodies of dead refugees who’d fled to Iran were being returned to their families back home with missing organs.
Yet another damaging false narrative perpetuated by this cluster in late 2021 and early 2022 was that the IRGC was forcing Afghan refugees to join militias fighting in Syria and Yemen, and that those who refused were being deported.
Iraq was a country of particular interest to the Pentagon’s cyber warriors, with memes widely shared throughout Baghdad and beyond depicting IRGC influence in the country as a destructive disease, and content claiming Iraqi militias, and elements of the government, were effective tools of Tehran, fighting to further Iran’s imperial designs over the wider West Asia.
Militias were also accused of killing Iraqis in rocket strikes, engineering droughts by damaging water supply infrastructure, smuggling weapons and fuel out of Iraq and into Syria, and fuelling the country’s crystal meth epidemic.
Another cluster of Pentagon accounts focused on Iran’s involvement in Yemen, publishing content on major social networks critical of the Ansarallah-led de-facto government in Sanaa, accusing it of deliberately blocking humanitarian aid deliveries, acting as an unquestioning proxy of Tehran and Hezbollah, and closing bookstores, radio stations, and other cultural institutions.
Several of their posts blamed Iran for the deaths of civilians via landmine, on the basis Tehran may have supplied them.
Laying the ground
Other CENTCOM psychological warfare (psywar) narratives have direct relevance to the protests that have engulfed Iran.
There was a particular focus among one group of bots and trolls on women’s rights. Dozens of posts compared Iranian women’s opportunities abroad with those in Iran – one meme on this theme contrasted photos of an astronaut with a victim of violent spousal abuse – while others promoted protests against the hijab.
Alleged government corruption and rising living costs were also recurrently emphasized, particularly in respect of food and medicine – production of which in Iran is controlled by the IRGC, a fact CENTCOM’s online operatives repeatedly drew attention to.
Women’s rights, corruption, and the cost of living – the latter of which directly results from suffocating US sanctions – are all key stated motivating factors for the protesters.
Despite the rioters’ widespread acts of violence and vandalism, targeted at civilians and authorities alike, such as the destruction of an ambulance ferrying police officers away from the scene of a riot, they also claim to be motivated by human rights concerns.
Establishment and fringe journalists and pundits have dismissed as conspiracy theories, any suggestions that protests in Iran and beyond are anything other than organic and grassroots in nature.
Yet, clear proof of foreign direction and sponsorship abounds, not least in the very public face of the anti-hijab movement, Masih Alinejad, who for many years has encouraged Iranian women to ceremonially burn their headscarves from the confines of an FBI safehouse in New York City, then publicizes the images online, which travel round the world and back via social media and mainstream news outlets.
A regime-change war by other means
Alinejad’s activities have generated a vast amount of fawning and credulous media coverage, without a single journalist or outlet questioning whether her prominent role in the supposedly grassroots, locally-initiated protest movement is affiliated with foreign hostile interference.
This is despite Alinejad posing for photos with former CIA director Mike Pompeo, and receiving a staggering $628,000 in US federal government contracts since 2015.
Much of these funds flowed from the Broadcasting Board of Governors, the US government agency that oversees propaganda platforms such as Radio Free Europe, and Voice of America, the latter of which has produced a Farsi-language show fronted by Alinejad for seven years.
These clusters of social media posts may appear innocuous and authentic in an age of click-bait and viral fake news, yet when aggregated and analysed, they form a potent and potentially dangerous weapon which it turns out is one of many in the Pentagon’s regime-change arsenal.
Users browsing this forum: No registered users and 26 guests
