The CIA Discovers It Has A Mole

The arrest of former CIA case officer Jerry Chun Shing Lee sheds light on a shadowy counterintelligence drama that has been playing out for nearly eight years. 

Starting around 2010, the Central Intelligence Agency saw some of its most valuable spies inside China go down. This does not mean “going down” in a perp-walk-to-the-courthouse sort of way. This is China: They were executed. 

One was reportedly shot right outside the government building where he worked, just to make sure his coworkers got the message. The lucky ones were imprisoned. According to The New York Times, 18 to 20 CIA sources were blown, making it one of the most damaging counter intelligence losses in agency history. The story of Lee’s arrest is still developing, but much is already clear. 

First of all, Jerry Chun Shing Lee wasn’t some back-room paper-pushing bureaucrat at Langley. He was a “case officer” whose job was helping to recruit foreign spies to spill secrets to the United States. He was supposed to create moles, not become one.

It also appears the Chinese government probably gained access to highly classified information about US assets through electronic means, a mole, or both

According to press reports, intelligence officials have been sharply divided about how exactly all of this valuable intelligence got into Beijing’s hands. News of Lee’s arrest suggests that a mole was involved but certainly does not rule out other possibilities or people.

The FBI has not yet run this case to ground. According to the affidavit by FBI Special Agent Kellie R. O’Brien released recently, FBI agents searched through Lee’s belongings while he stayed at hotels in Hawaii and Virginia in August 2012. 
Those searches found two little books filled with big secrets that included the true names of Chinese assets, operational notes from clandestine meetings, as well as covert CIA facility locations. Now, more than five years later, Lee has been arrested only for unlawful retention of national defense information, not for handing that information over to a foreign government. If there’s another shoe, it hasn’t dropped yet.

It’s also clear that the damage done is big. In addition to blown assets, which take years to develop, and compromised information, which likely revealed American intelligence tradecraft, the organisational aftershocks for the CIA will be significant. 

Counter-intelligence failures are the ultimate betrayal, when one of the agency’s own, someone inside the circle of trust who swore an oath and promised to serve, turns against country and cause. Lee’s coworkers and others are undoubtedly asking themselves what they could or should have known. 

Investigations are undoubtedly exploring what early warning indicators might have been missed and what more could have been done. The heat will be on to learn the right lessons for the future and to tighten security protocols. All of these steps are important and necessary. But it’s a delicate thing, dealing with betrayal. 

Counter intelligence taken too far can create a debilitating, distrustful culture where suspicions run wild, careers can be destroyed, and truth can get lost.  

How do we know? Because we have seen this before. For 20 long years, CIA counter intelligence efforts were led by a boozy paranoid named James Angleton who was seared by the discovery that one of his dearest friends in British intelligence, Kim Philby, was actually a Soviet mole. Philby was eventually sacked and fled to Moscow. Angleton was convinced the Russians had more Philbys in the United States, and he spent his life on a relentless quest to find them, trusting no one, suspecting everyone, and ruining the lives of many. 

At the end of his career he was widely viewed as cagey, uncontrollable, isolated, and drunk. Decades later, the CIA’s own historian charitably described Angleton as someone whose “negatives outweighed his positives.”

The final pages of Lee’s spy story haven’t been written yet. But history suggests some useful lessons about how they should not end.

DefenseOne

You Might Also Read: 

CIA Chief - Trump Picks Pompeo:

US Intelligence Agencies Fear Insiders As Much As Spies:

Secret Arrest Of A National Security Agency Contractor:

 

 

« How To Handle A Cyber Crisis
Insiders Are Behind Most Business Cybersecurity Incidents »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

Secnology

Secnology

Secnology is dedicated to developing and providing the most powerful and user friendly event analysis and security management solution.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

TryHackMe

TryHackMe

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers.

PNGCERT

PNGCERT

PNGCERT is the national Computer Emergency Response Team (CERT) for Papua New Guinea.

ClearVector

ClearVector

ClearVector is a leading provider of realtime, identity-driven security for the cloud.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.