Internet blows CIA cover
It's easy to track America's covert operatives. All you need to know is how to navigate the Internet.
By John Crewdson
Tribune senior correspondent
March 12, 2006
WASHINGTON -- She is 52 years old, married, grew up in the Kansas City suburbs and now lives in Virginia, in a new three-bedroom house.
Anyone who can qualify for a subscription to one of the online services that compile public information also can learn that she is a CIA employee who, over the past decade, has been assigned to several American embassies in Europe.
The CIA asked the Tribune not to publish her name because she is a covert operative, and the newspaper agreed. But unbeknown to the CIA, her affiliation and those of hundreds of men and women like her have somehow become a matter of public record, thanks to the Internet.
When the Tribune searched a commercial online data service, the result was a virtual directory of more than 2,600 CIA employees, 50 internal agency telephone numbers and the locations of some two dozen secret CIA facilities around the United States.
Only recently has the CIA recognized that in the Internet age its traditional system of providing cover for clandestine employees working overseas is fraught with holes, a discovery that is said to have "horrified" CIA Director Porter Goss.
"Cover is a complex issue that is more complex in the Internet age," said the CIA's chief spokeswoman, Jennifer Dyck. "There are things that worked previously that no longer work. Director Goss is committed to modernizing the way the agency does cover in order to protect our officers who are doing dangerous work."
Dyck declined to detail the remedies "since we don't want the bad guys to know what we're fixing."
Several "front companies" set up to provide cover for CIA operatives and the agency's small fleet of aircraft recently began disappearing from the Internet, following the Tribune's disclosures that some of the planes were used to transport suspected terrorists to countries where they claimed to have been tortured.
Although finding and repairing the vulnerabilities in the CIA's cover system was not a priority under Goss' predecessor, George Tenet, one senior U.S. official observed that "the Internet age didn't get here in 2004," the year Goss took over at the CIA.
CIA names not disclosed
The Tribune is not disclosing the identities of any of the CIA employees uncovered in its database searches, the searching techniques used or other details that might put agency employees or operatives at risk. The CIA apparently was unaware of the extent to which its employees were in the public domain until being provided with a partial list of names by the Tribune.
At a minimum, the CIA's seeming inability to keep its own secrets invites questions about whether the Bush administration is doing enough to shield its covert CIA operations from public scrutiny, even as the Justice Department focuses resources on a two-year investigation into whether someone in the administration broke the law by disclosing to reporters the identity of clandestine CIA operative Valerie Plame.
Not all of the 2,653 employees whose names were produced by the Tribune search are supposed to be working under cover. More than 160 are intelligence analysts, an occupation that is not considered a covert position, and senior CIA executives such as Tenet are included on the list.
Covert employees discovered
But an undisclosed number of those on the list--the CIA would not say how many--are covert employees, and some are known to hold jobs that could make them terrorist targets.
Other potential targets include at least some of the two dozen CIA facilities uncovered by the Tribune search. Most are in northern Virginia, within a few miles of the agency's headquarters. Several are in Florida, Ohio, Pennsylvania, Utah and Washington state. There is one in Chicago.
Some are heavily guarded. Others appear to be unguarded private residences that bear no outward indication of any affiliation with the CIA.
A senior U.S. official, reacting to the computer searches that produced the names and addresses, said, "I don't know whether Al Qaeda could do this, but the Chinese could."
Down on `The Farm'
For decades the CIA's training facility at Camp Peary, Va., near historic Williamsburg, remained the deepest of secrets. Even after former CIA personnel confirmed its existence in the 1980s the agency never acknowledged the facility publicly, and CIA personnel persisted in referring to it in conversation only as "The Farm."
But an online search for the term "Camp Peary" produced the names and other details of 26 individuals who according to the data are employed there. Searching aviation databases for flights landing or taking off from Camp Peary's small airstrip revealed 17 aircraft whose ownership and flight histories could also be traced.
Although the Tribune's initial search for "Central Intelligence Agency" employees turned up only work-related addresses and phone numbers, other Internet-based services provide, usually for a fee but sometimes for free, the home addresses and telephone numbers of U.S. residents, as well as satellite photographs of the locations where they live and work.
Asked how so many personal details of CIA employees had found their way into the public domain, the senior U.S. intelligence official replied that "I don't have a great explanation, quite frankly."
The official noted, however, that the CIA's credo has always been that "individuals are the first person responsible for their cover. If they can't keep their cover, then it's hard for anyone else to keep it. If someone filled out a credit report and put that down, that's just stupid."
One senior U.S. official used a barnyard epithet to describe the agency's traditional system of providing many of its foreign operatives with easily decipherable covers that include little more than a post office box for an address and a non-existent company as an employer.
Coverts especially important
And yet, experts say, covert operatives who pose as something other than diplomats are becoming increasingly important in the global war on terror.
"In certain areas you just can't collect the kind of information you need in the 21st Century by working out of the embassy. They're just not going to meet the kind of people they need to meet," said Melvin Goodman, who was a senior Soviet affairs analyst at the CIA for more than 20 years before he retired.
The problem, Goodman said, is that transforming a CIA officer who has worked under "diplomatic cover" into a "non-official cover" operator, or NOC--as was attempted with Valerie Plame--creates vulnerabilities that are not difficult to spot later on.
The CIA's challenge, in Goodman's view, is, "How do you establish a cover for them in a day and age when you can Google a name . . . and find out all sorts of holes?"
In Plame's case, online computer searches would have turned up her tenure as a junior diplomat in the U.S. Embassy in Athens even after she began passing herself off as a privately employed "energy consultant."
The solution, Goodman suggested, is to create NOCs at the very outset of their careers, "taking risks with younger people, worrying about the reputation of people before they have one. Or create one."
Shortage of `mentors'
But that approach also has a downside, in that "you're getting into the problem of very junior, inexperienced people, which a lot of veteran CIA people feel now is part of the problem. Porter Goss has to double the number of operational people in an environment where there are no mentors. Who's going to train these people?"
In addition to stepping up recruiting, Goss has ordered a "top-down" review of the agency's "tradecraft" following the disclosure that several supposedly covert operatives involved in the 2003 abduction of a radical Muslim preacher in Milan, Italy, had registered at hotels under their true names and committed other amateurish procedural violations that made it relatively easy for the Italian police to identify them and for Italian prosecutors to charge them with kidnapping.
Tribune researcher Brenda J. Kilianski contributed to this article from Chicago.
Copyright © 2006, Chicago Tribune
Can you say "Oops"?
I think this is very disturbing news, because it means that they can't even keep their own employees and data safe. What about the safety of others?