latest posts from Intel Desk
Each year, new stars are carved into the marble of the CIA’s Memorial Wall in the agency’s main lobby. Each represents an employee who died while carrying out his or her duties, often clandestine.
When it was first dedicated in 1974, there were 31 stars. After a ceremony held Monday, the number is 125. As is true almost every year, some of the new stars honor fallen officers whose names and operations remain classified.
Four of the eight new stars represent officers whose names if revealed might unveil classified operations.
A fifth was added to honor Mark S. Rausenberger, an 18-year agency officer who died while serving overseas. The circumstances of his death remain classified.
In the past, the agency has reviewed the history of clandestine operations to determine if a name can be declassified. The identity of the man honored with the first star, Douglas Mackiernan, wasn’t revealed until 2006, 56 years after his death.
The three other new stars pay tribute to David Bevan, Darrell Eubanks, and John Lewis. All died when their plane crashed while carrying out a mission for Air America, the CIA’s Vietnam-era "airline," in Laos in 1961.
In remarks to those assembled before the wall Monday, including families of the fallen, CIA Director Mike Pompeo said that each star represents "a life that is dear to us … We remain forever devoted to them, as they were to us. And we will strive to make them proud of us, as we are of them."
Click here for instructions on different ways to reach us: email, mail, or the messaging apps Signal, Telegram or WhatsApp. Each tool has its own security measures.
Two U.S. defense officials confirm that North Korea's launch of a KN-17 missile last Sunday was successful and that the missile's re-entry vehicle did successfully re-enter the atmosphere.
The re-entry was controlled and the vehicle did not burn up, the officials said. It landed in the sea near Russia.
The KN-17 is a liquid fuel single-stage missile. In boasting of the successful launch, the North Koreans called it a "medium long-range" ballistic rocket that can carry a heavy nuclear warhead.
The U.S. officials characterized Sunday's launch as an advancement for the North Korean missile program.
North Korea also launched one in mid-April, but it exploded seconds later.
The Treasury Department announced new sanctions on Iran for its ballistic missile program Wednesday, but also said it will continue to waive sanctions as required by the Iran nuclear deal.
"The Treasury Department is imposing new sanctions on Iranian defense officials, an Iranian entity, and a China-based network that supplied missile-applicable items to a key Iranian defense entity,'" said a statement released by the Treasury Department. "The action reflects concern with Iran’s continued development of ballistic missiles, which is in inconsistent with United Nations Security Council Resolution 2231.
The statement also said the waiver of sanctions "does not diminish the United States' resolve to continue countering Iran's destabilizing activity in the region. ... [A]bove all, the United States will never allow the regime in Iran to acquire a nuclear weapon."
A former senior National Security Agency official who consults with the agency told NBC News that it's true, as cybersecurity researchers report, that the WannaCry ransomware epidemic is the result of a software vulnerability identified and stockpiled by the NSA. And it became public when it leaked as part of the Shadow Brokers disclosures.
The NSA releases 90 to 95 percent of the software vulnerabilities it discovers, he said, but it sits on the rest for use in hacking and spying activities. In other words, it doesn't tell Americans about software holes that make them vulnerable -- so it can exploit those weaknesses to spy on foreigners.
In this case, after the leak, the NSA warned Microsoft and other companies, the official said. Microsoft released a patch in March.
But not everybody patches, and those running outdated systems may not even be able to.
The former official said some people would like the NSA to alert industry to every software hole it finds. But then, he said, the NSA would lose intelligence collection. And hackers would still find holes to exploit, because such holes are inevitable.
That said, he praised a new system in the UK, where spies sit with private researchers and share vulnerabilities in real time. That doesn't mean the Brits don't keep some secret, he added.
He sees a Russian hand in the Shadow Brokers disclosures, which would be ironic if true. Russia has suffered heavily from the ransomware attack because it uses pirated and outdated software.
Some media reports about the ransomware -- called WannaCry -- that rocked the UK health system, Spain's telecom industry, and other targets in Europe Friday say that hackers pulled it from a leaked NSA tool kit.
That's not really accurate.
Instead, computing experts say and a review of the computing code shows, the leaked NSA tool kit demonstrated to the hackers how they could attack these systems. The hackers didn't use NSA code, but they did copy something from the tool kit.
"WannaCry ransomware uses one of the exploits released recently by Shadowbrokers in the leaked NSA tools archive," said Andrew Komarov, chief intelligence officer for the cybersecurity firm InfoArmor. "This is pretty normal practice, where cybercriminals are using the latest vulnerabilities in order to increase the efficiency of their malware."
The name of the NSA tool that the hackers drew on to develop the new ransomware is called "Eternalblue".
The software fix for the vulnerability that the ransomware exploits came out in March, before the Shadowbrokers leak, so experts say there was theoretically time to patch systems in advance of an attack.
Komarov said there was no indication that WannaCry or Friday's attack had anything to do with the NSA "or any other state-sponsored cyber offensive activities."
The Agency announced late Tuesday that it has established a "Korea Mission Center" to "harness the full resources, capabilities, and authorities of the Agency in addressing the nuclear and ballistic missile threat posed by North Korea." The CIA also announced that Director Mike Pompeo has named a "veteran intelligence officer" to run the center — but declined to name the officer for security reasons.
Both publicly and privately, the agency has said North Korea has been one of, if not the most, difficult of intelligence targets.
"Creating the Korea Mission Center allows us to more purposefully integrate and direct CIA efforts against the serious threats to the United States and its allies emanating from North Korea," said Pompeo. "It also reflects the dynamism and agility that CIA brings to evolving national security challenges."