In 2018, the U.S. President Donald Trump gave powers to the Central Intelligence Agency (CIA) to conduct offensive covert cyber operations across the globe, revealed a report quoting former U.S. officials with direct knowledge of the matter. The federal agency used its power to carry out at least "a dozen operations" beyond the U.S. borders that included Iran and other countries.
The CIA, usually conducts silent surveillance and data collection, but the new power allowed the agency to go further. A former U.S. government official told Yahoo News, "This has been a combination of destructive things - stuff is on fire and exploding - and also public dissemination of data: leaking or things that look like leaking."
Even though the official did not reveal specific details of each operation, the report claimed that CIA's new powers and modus operandi linked it to a series of hack-and-dump events that happened primarily in 2019. It includes publishing hacking tools (malware) from APT34, which is an Iranian government hacking unit, Islamic Revolutionary Guard Corps (IRGC) intelligence agents on Telegram by revealing their full names, home addresses, social media profiles, and phone numbers.
The hack-and-dump incidents also include dumping details of about 15 million payment cards from three Iranian banks linked to IRGC and hacking of two contractors who provide cyber-weapons and surveillance solutions for Russia's FSB intelligence agency as well as sharing the data online via a hacktivist group, known as Digital Revolution.
The Approved Cyber Operation of The U.S.
As per the report, such operation would have never been approved in the previous U.S. administrations as there were many restrictions that had been in place under prior administrations. But in 2018, Trump signed an authorization document called a 'presidential finding' that allowed the CIA to plan and execute offensive digital operations under its judgment, rather than under the supervision of the National Security Council (NSC).
The report claimed that the decision taken by Trump had split top U.S. intelligence officials. While some of them feared repercussions from foreign adversaries, some were concerned about the lack of NSC's direction. The source told the Yahoo News that some intelligence officials felt that the decision, taken by Trump was "a needed reform" in order to make the CIA more agile and boost the response time to foreign cyberattacks.
However, the locations of these CIA cyber operations are yet to be revealed, along with operational details. The U.S. official who revealed the truth said the "very aggressive" finding gave the CIA "very specific authorities to really take the fight offensively to a handful of adversarial countries," which include names like Russia, China, Iran, and North Korea as the targeted countries.
Trump Accepted The Fact
A recent report by Washington Post has revealed something similar that Trump told columnist Marc Thiessen that the U.S. did launch a cyberattack targeting Russia in 2018, in an interview. When Trump was asked whether he had launched a digital strike, Trump replied, "Correct." Trump also told Thiessen, in 2016 that then-President Barack Obama knew before the election that "Russia was playing around. Or, he was told."
He said Obama did not say anything about it as "he didn't want to touch it because he thought [Hillary Clinton] was winning because he read phony polls. So, he thought she was going to win. And we had the silent majority that said, 'No, we like Trump.' "
But the 45th President of the U.S. acted on intelligence the U.S. had about Russia's meddling by launching the cyberattack. Trump told Thiessen, "Look, we stopped it." He explained that the attack on Russia was part of a broader policy to confront the country and added that "Nobody has been tougher on Russia than I have."
But at that time he did not mention anything about empowering CIA to carry out cyber operations that resulted in several hacks and data dumps from Russian and Iranian spy agencies.