Secret Trump order gave CIA more powers to target Iran: report

July 17, 2020 - 19:20

TEHRAN — The CIA has conducted a series of covert cyberattacks against Iran and other targets since 2018 when U.S. President Trump gave sweeping authorization for such activities, former U.S. officials with direct knowledge of the matter revealed.

According to Yahoo News, the secret authorization gives the spy agency more freedom in both the kinds of operations it conducts and who it targets.

The authorization allows the CIA to more easily authorize its own covert cyber operations, rather than requiring the agency to get approval from the White House.

It “gave the agency very specific authorities to really take the fight offensively to a handful of adversarial countries,” said a former U.S. government official. 

These countries include Russia, China, Iran, and North Korea — which are mentioned directly in the document — but the authorization potentially applies to others as well, according to another former official. 

“The White House wanted a vehicle to strike back,” said the second former official. “And this was the way to do it.”

The CIA’s new powers are not about hacking to collect intelligence. Instead, they open the way for the agency to launch offensive cyber operations with the aim of producing disruption — like cutting off electricity or compromising an intelligence operation by dumping documents online — as well as destruction, similar to the U.S.-Israeli 2009 Stuxnet attack against Iran’s nuclear program.

The authorization has made it easier for the CIA to damage adversaries’ critical infrastructure, such as petrochemical plants, and to engage in the kind of hack-and-dump operations that Russian hackers and WikiLeaks popularized, in which tranches of stolen documents or data are leaked to journalists or posted on the internet. It has also freed the agency to conduct disruptive operations against organizations that were largely off-limits previously, such as banks and other financial institutions.

Another key change with the authorization is it lessened the evidentiary requirements that limited the CIA’s ability to conduct covert cyber operations against entities like media organizations, charities, religious institutions or businesses believed to be working on behalf of adversaries’ foreign intelligence services, as well as individuals affiliated with these organizations, according to former officials.

“Before, you would need years of signals and dozens of pages of intelligence to show that this thing is a de facto arm of the government,” a former official told Yahoo News. Now, “as long as you can show that it vaguely looks like the charity is working on behalf of that government, then you’re good.”

A current senior intelligence official, who declined to discuss specific U.S. government operations or policies, called Trump-era interest in offensive operations “phenomenal.” The CIA, the National Security Agency, and the Pentagon “have been able to play like we should be playing in the last couple of years,” the current official said. 

John Bolton’s appointment as national security adviser in April 2018 gave another boost to those seeking to ease restrictions on cyber operations. 

“We needed to scrap the Obama-era rules and replace them with a more agile, expeditious decision-making structure,” Bolton writes in his recently published memoir, “The Room Where It Happened.” Part of this involved strengthening the U.S. government’s “clandestine capabilities” in cyberspace against “nonstate actors” and others, he writes.

The new cyber authorization further emboldened the CIA’s operations against Iran, according to former officials. Even before Trump signed the directive, administration officials were already encouraging the CIA to aggressively interpret preexisting secret Iran-related authorities to help prosecute the administration’s “maximum pressure” campaign against Tehran. 

Using the Cold War strategy of rolling back the Soviet Union as inspiration, senior Trump national security officials believed that destabilizing Iran within its borders would force the Islamic Republic to cease its activities abroad and, perhaps, collapse. 

The maximum-pressure campaign includes punishing economic sanctions, but has also involved CIA cyberattacks on Iranian infrastructure, said, former officials. 

“It was obvious that destabilization was the plan on Iran,” said one former official, and Trump administration officials were eager to have the CIA conduct destructive cyber operations against targets inside that country. Bolton “wanted another tool, he wanted another hammer. He was looking at Stuxnet and how to be mean to Iran, so that was probably attractive to him,” said another source.


Leave a Comment

3 + 6 =