The has unveiled that a glitch on the CIA鈥檚 official Twitter account has been exploited by a cyber-security researcher to hijack a channel used for recruiting spies.
The US Central Intelligence Agency (CIA) account on X, formerly known as Twitter, displays a link to a Telegram channel for informants.
Investigating the Security Mistake
听
The US government organisation, known for dealing with matters of national security and gathering secret intelligence information, often over the Internet, from a vast network of spies and tipsters around the world, has had its official X account exploited to gain private information.
鈥淢y immediate thought was panic,鈥 said Mr McSheehan, 37, who lives in the US, when he discovered the security mistake earlier on Tuesday.
鈥淚 saw that the official Telegram link they were sharing could be hijacked 鈥 and my biggest fear was that a country like Russia, China or North Korea could easily intercept Western intelligence.鈥
At some point after 27 September, the CIA had added to its X profile page a link 鈥 https://t.me/securelycontactingcia 鈥 to its Telegram channel containing information about contacting the organisation on the dark net and through other secretive means.
The channel said, in Russian: 鈥淥ur global mission demands that individuals be able to reach out to CIA securely from anywhere,鈥 while warning potential recruits to 鈥渂e wary of any channels that claim to represent the CIA鈥.
But a flaw in how X displays some links meant the full web address had been truncated to https://t.me/securelycont 鈥 an unused Telegram username.
More from Tech
- Engineered For Trust: What Is The Hacoo App Doing To Fight Fake Perfection?
- Where Have All The Junior Tech Jobs Gone?
- Hello, Savings: The Business Case For Switching To VoIP
- What Industries Are Most Likely To Benefit First From Quantum Computing?
- Britain Leads Europe In DeepTech Funding 鈥 So Why Do Its Best Companies Keep Leaving?
- The Free Media Player That Said No To Millions: How VLC Survived Nearly 30 Years Without Ads
- RiseGuide Launches Speech Analyzer: In-App Tool That Turns Solo Speech Practice Into Structured, Personalised Feedback
- The US Built A Free Speech Tool For Oppressed Nations 鈥 So Why Are Brits Using It Most?
鈥淐IA really dropped the ball鈥
听
As soon as Mr McSheehan noticed the issue, he registered the username so anyone clicking on the link was directed to his own channel, which warned them not to share any secret or sensitive information.
鈥淚 did it as a security precaution,鈥 he said.
鈥淚t鈥檚 a problem with the X site that I鈥檝e seen before 鈥 but I was amazed to see the CIA hadn鈥檛 noticed.鈥
Although the mistake was quickly corrected after Mr McSheehan brought it to attention, this does little to reinforce trust in the safety of the account and the information it鈥檚 privy to.
鈥淭he CIA really dropped the ball here,鈥 the ethical hacker said.
The organisation鈥檚 X platform has nearly 3.5 million followers, which allows it to promote the agency and encourage people to get in touch to protect US national security. However, this leaves space for a lot of damage should the platform be hijacked or exploited in any way.
Should Secret Services Have Social Media?
听
The recent hijacking leaves one big question hanging in the air: should secret services have social media accounts?
Government organisations around the world have, typically, garnered a reputation (out of necessity) of being the silent, everpresent tip of the spear in global conflicts and shadowy espionage campaigns.
One can鈥檛 help but feel that the introduction of our globe鈥檚 secret services on social media seems a little off-brand for spy agencies that pride themselves on covert actions.
Is this a shiny new era of these organisations鈥 histories, where they are more in touch with the population they鈥檙e meant to protect? Or is this, seemingly public rebranding, a disaster waiting to happen?
Should intelligence agencies, whose whole existence is based on how good it is at being an impenetrable labyrinth, need a public presence?
