CIA Employees Identified Online

Use Netsparker


Pretty Scary eh?

Although some people do call them the Central Lack-of Intelligence Agency.

Privacy is a major issue and well people should be a little more careful about what they reveal online, perhaps I’ll rehash my old Google Hacking Presentation and write it up as a post for Darknet. I guess it would be interesting reading for many people.

Remember the Internet has memory now with Google Cache, MSN and Yahoo! are starting to Cache too and there are other services like http://web.archive.org that show the history of a site. So if you slip up and make something public on your domain, it may well come back to haunt you.

The identities of 2,600 Central Intelligence Agency (CIA) employees and the locations of two dozen of the agency’s covert workplaces in the United States can be found easily through Internet searches, according to an investigation by the Chicago Tribune.

The newspaper obtained the information from data providers who charge fees for access to public records and reported on its findings in Sunday editions. It did not publish the identities or other details on its searches, citing concern it could endanger the CIA employees.

I’ll talk about this kind of thing more in depth later as it is one of my areas of expertise, passive information gathering, the things people expose on the net, it’s pretty amazing really..and scary at times as this CIA example shows.

One of the facilities, a CIA training area dubbed “The Farm” at Camp Peary, Virginia, was a well-kept secret for decades. The agency refused to publicly acknowledge its existence, even after former CIA personnel confirmed its presence in the 1980s.

But the Tribune said an Internet search for the term “Camp Peary” produced data identifying the names and other details of 26 people who apparently work there.

Additionally, a review of aviation databases for flights at Camp Peary’s airstrip revealed 17 aircraft whose ownership and flight histories also could be traced.

Really, I think they should at least try and be a little more careful.

Source: Zdnet

Posted in: Hacking News, Privacy

, , ,


Latest Posts:


Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.


One Response to CIA Employees Identified Online

  1. Mozzy April 18, 2006 at 9:31 am #

    NO WAY!

    *loool*