The U.S. intelligence agency Central Intelligence Agency (CIA) is said to have carried out dozens of cyber attacks worldwide since 2018. According to a report by Yahoo News, they targeted the government of Iran, several Iranian banks and suppliers of the Russian secret service FSB, among others. Former US government officials are cited as sources.
In 2018, US President Donald Trump granted the CIA far-reaching powers to carry out cyber surgery worldwide. They allowed the intelligence agency to expand its activities far beyond surveillance and data collection. The CIA is said to have made use of this especially in the past year.
For example, the publication of APT34 group hacking tools on Telegram, which is supported by the Iranian government, is now assigned to the CIA. In addition, the secret service, also on Telegram, is said to have made the identity of agents of the Iranian Revolutionary Guard public.
The CIA stole details of 15 million bank cards from three Iranian banks connected to the Revolutionary Guard – and also published them. In addition, the CIA is said to have leaked data to the hacking group Digital Revolution, which comes from an attack on two companies, which in turn supply the Russian FSB with cyber weapons and surveillance solutions.
Yahoo News sources said such operations had not been approved by previous U.S. governments. They were always very careful against hostile foreign services and organizations for fear of retaliation.
The U.S. President’s decree in 2018 alone placed the decision of the offensive cyber campaign in the hands of the U.S. intelligence agency. Previously, all actions had to be coordinated with the White House and the National Security Council. According to Yahoo News, the change in course was not only met with approval from the US government.
Among other things, a lack of control by the National Security Council was criticized. However, it is said to have meant that earlier operations could often only be carried out after a planning phase lasting several years. Other government officials welcomed the President’s decree because it made intelligence more agile and shortened response times to foreign attacks.
The countries in which the CIA carries out cyber operations are subject to confidentiality. According to people who know the presidential decree, Russia, China, Iran and North Korea are listed as destinations. However, the CIA should also be authorized to act in other countries.