CIA informants killed and imprisoned after Iran found them on Google

An enormous security blunder resulted in 30 operatives being imprisoned in Iran – and in some cases killed – according to officials at the CIA, America’s intelligence agency. According to Yahoo News, the incident occurred in 2009 when Iran managed to infiltrate a series of websites that the agency had been using to talk to overseas informants.

Most embarrassing for the CIA, however, is the fact these websites were found by Iran doing a simple Google search after suspecting that a mole was in its nuclear programme. Once the Iranian government was shown one of the websites by a double agent, it was then just a matter of Googling to find links to other sites.

The major leak affected all facets of national security, those in the know said, from intelligence agencies to congressional intelligence committees. One formal official was quoted as saying: “When these types of compromises happen, it’s so dark and bad. They can burrow in. It never really ends.”

In explaining what happened, officials linked to the agency said that the system was originally intended as a temporary communications channel, but the agency quickly became too reliant on it as the go-to method.

Another official said: “The issue was that it was working well for too long, with too many people. But it was an elementary system. Everyone was using it far beyond its intention.”

US Geological Survey employee spreads porn malware

Staying with US federal agencies, the US Geological Survey was revealed to have been the victim of a major malware infection after one of its employees unintentionally infected the network because they had “an extensive history of visiting adult pornography websites”.

According to the BBC, investigators found that the person visited as many as 9,000 pages infected with malware designed to steal data from devices, while also being associated with ransomware attacks.

“Our analysis confirmed that many of the pornographic images were subsequently saved to an unauthorised USB device and personal Android cellphone,” the investigator’s report said.

‘Rip-off’ personal data brings about inquiry in UK

According to The Guardian, the UK Government is launching an inquiry into companies using personal data to set individualised pricing after claims of businesses charging some shoppers significantly more than others.

The UK Competition and Markets Authority (CMA) raised fears that artificial intelligence could result in digital price tags in high street shops and online ripping people off.

“With more of us shopping online, it’s important we understand how advances in technology impact consumers … so we can understand how best to protect people from unfair practices where they exist,” said CMA’s chief executive, Andrea Coscelli. “We will also use the results in our ongoing efforts to help vulnerable consumers.”

IT professionals don’t read enough about breaches

A new survey from Origin Comms into the media consumption trends of IT security professionals showed many are falling behind in the latest news and trends of data breaches.

The research highlighted that IT security professionals spend an average of only seven minutes reading an article at any one time, yet admitted to spending nearly an hour (58 minutes) on average researching a breach when they hear about it.

The survey showed that old media such as newspapers, TV and radio were practically ignored as sources, while IT security-specific sites (59pc) and IT sites (58pc) lead the way as the most popular news sources.

“In an industry founded on security and trust, it’s unsurprising that IT security professionals adopt a similar attitude when it comes to sourcing news and information they can depend on,” said Paula Averley, founder and director of Origin Comms.

Updated, 3.59pm, 5 November 2018: This article was updated to remove reference to the Cathay Pacific breach, which was revealed in the week before last.

The post CIA informants killed and imprisoned after Iran found them on Google appeared first on Silicon Republic.