iStockphoto
A flaw in X/Twitter’s system caused a link to an official Central Intelligence Agency (CIA) channel used for recruiting spies to direct somewhere completely different.
Normally, the CIA account on X (formerly known as Twitter) has a link to a Telegram channel for informants in its profile.
The CIA Telegram channel the link is supposed to direct to reads, in Russian, “Our global mission demands that individuals be able to reach out to CIA securely from anywhere.” It also warns potential recruits to “be wary of any channels that claim to represent the CIA.”
“We are the Nation’s first line of defense,” the CIA Twitter profile reads.
Apparently, “the Nation’s first line of defense” was no match for a hacker thanks to a Twitter glitch.
Because a man named Kevin McSheehan was able to utilize the glitch on Central Intelligence Agency Twitter account to redirect that Telegram channel link to his own channel on Telegram.
McSheehan, who is referred to as an “ethical hacker” by the BBC, said, “The CIA really dropped the ball here.”
He said he discovered the security flaw on Tuesday and his “immediate thought was panic.”
“I saw that the official Telegram link they were sharing could be hijacked – and my biggest fear was that a country like Russia, China or North Korea could easily intercept Western intelligence,” he told the BBC.
Thanks to Twitter truncating the CIA’s link to their Telegram channel and sending it to an unused Telegram account, McSheehan was able to register the username so the link would be directed to his account instead of to the CIA.
The link should have gone to t.me/securelycontactingcia. Instead, thanks to a flaw in Twitter’s system it was directed to t.me/securelycont.
“I did it as a security precaution,” he said, explaining why he quickly claimed the unused Telegram username.
“It’s a problem with the X site that I’ve seen before – but I was amazed to see the CIA hadn’t noticed.”
The BBC reached out to the CIA for comment, but did not receive one. However, the glitch was fixed within an hour of their request.
“I was motivated by NATSEC,” McSheehan told Motherboard. “I assumed that it was a very recent mistake and that a bad actor was going to capitalize on it at any minute. I didn’t even need to think—I just locked it down. I appointed myself the gig on the spot. I’m patriotic, very pro-CIA and have a documented history of whitehatting.”
While he does think the CIA should have caught this Twitter flaw, he still places most of the blame on Twitter.
“The CIA is solid. X has been buggy for months with links, text formatting, etc,” he said. “Blame really can’t be placed on the CIA. Did they drop the ball? Yes kind of — but everyone drops the ball sometimes. Even in the [intelligence community].”