CIA disguised espionage communications as Star Wars fan site

A Brazilian security researcher identifies over 350 CIA cover websites – Germany, France and Spain were apparently also targeted.


According to the findings of a security researcher, this Star Wars fan site only existed as a cover for a CIA communications system.

(Image: Ciro Santilli)


“May the Force be with you” – What at first glance looks like a typical Star Wars fan website from the 2000s was actually an entry point to a covert communication system of the US Central Intelligence Agency (CIA), according to a security researcher. Years after the discovery of a network of sites that were used for secret communication between spies and the intelligence agency, further sites and details about the system have now come to light thanks to the Brazilian's research – including the Star Wars site.

The CIA apparently operated an entire network of websites where an innocuous-looking search box provided access to a communication system, the US news agency Reuters reported back in 2022. Anyone who knew the right term could access a Java applet that could be used to send messages to the CIA. According to the research, the system was not used for top information – for which there were separate communication devices.

Each website was assigned to a spy so that, in the event of exposure, other secret services would not be able to use the URL as a clue to expose other spies. The pages that Ciro Santilli inspected more closely using the Wayback Machine were often written in the respective national language so that they would not attract the attention of surveillance agencies. In addition to sites that were apparently designed to be accessed in Iran, China, and Russia, he also discovered websites in French, Spanish and German, Santilli reports on his website.


The cover sites also included a Johnny Carson fan site, extreme sports and Brazilian music websites as well as sites called “Rasta Direct”, “Fitness Dawg” and Iranian soccer and Russian wrestling portals.

Despite the great effort involved in launching hundreds of websites, there were a few vulnerabilities that made them easy to detect. According to Santilli, these included the fact that the sites were located on servers whose IP addresses were numbered sequentially. So if you knew an IP address, you could simply count up and expose other pages in this way, he explains. There were also telltale elements in the HTML code that pointed to the hidden messaging system.
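The sequential-numbering weakness described above can be checked for in an operator's own hosting inventory. The following is an added example, not code from the article or from Santilli's research; the inventory, the hostnames and the function `sequential_runs` are constructed for illustration, and the addresses come from the reserved documentation ranges.

```python
import ipaddress
from typing import Dict, List, Tuple

# Constructed inventory: sites that are meant to look unrelated -> hosting IP.
INVENTORY: Dict[str, str] = {
    "site-a.example": "192.0.2.10",
    "site-b.example": "192.0.2.11",
    "site-c.example": "192.0.2.12",
    "site-d.example": "198.51.100.7",
    "site-e.example": "203.0.113.255",
    "site-f.example": "203.0.113.40",
    "site-g.example": "203.0.113.41",
}

Run = List[Tuple[str, str]]  # [(ip, hostname), ...]


def sequential_runs(inventory: Dict[str, str],
                    min_run: int = 2, max_gap: int = 1) -> List[Run]:
    """Return groups of hosts whose IPv4 addresses are numerically adjacent.

    Hosts are sorted by address; two neighbours belong to the same run when
    their addresses differ by at most max_gap. A difference of 0 (shared IP)
    also links them. Runs shorter than min_run are dropped.
    """
    hosts = sorted((int(ipaddress.IPv4Address(ip)), name)
                   for name, ip in inventory.items())
    runs: List[List[Tuple[int, str]]] = []
    current: List[Tuple[int, str]] = []
    for addr, name in hosts:
        if current and addr - current[-1][0] <= max_gap:
            current.append((addr, name))
        else:
            if len(current) >= min_run:
                runs.append(current)
            current = [(addr, name)]
    if len(current) >= min_run:
        runs.append(current)
    return [[(str(ipaddress.IPv4Address(a)), n) for a, n in run]
            for run in runs]


if __name__ == "__main__":
    for run in sequential_runs(INVENTORY):
        print("linkable by address:", ", ".join(f"{n} ({ip})" for ip, n in run))
```

Any run this reports is a set of sites that an observer who knows one address could tie to the others, which is the linkage the article describes.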

According to media reports, the network came to light when US President Barack Obama made a secret Iranian uranium enrichment facility public in 2009. The Iranian intelligence service then intensified its search for American informants and apparently found what it was looking for. According to reports, various informants were exposed, arrested and in some cases executed. Several dozen sources were also uncovered in China. The CIA only noticed this in 2013 and subsequently shut down the network.

(mki)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.