Two years ago, John Brennan, who was then director of the Central Intelligence Agency under President Obama, announced a far-reaching and controversial reorganization of the CIA. Before, most agency employees were assigned to one of four “directorates.” The Directorate of Operations, the agency’s eyes and ears, handled espionage in the field. The Directorate of Intelligence was the brains, processing and synthesizing raw intelligence, then writing it up into “assessments” and “estimates,” which percolated all the way up to the Oval Office. The Directorate of Science and Technology made the gear. The Directorate of Support managed the back office and kept the ships running on time.
Brennan’s reorganization added a brand-new Directorate of Digital Innovation, or DDI. Officially, the new directorate was responsible for “the integration of our digital and cyber capabilities.” This meant retrofitting the CIA for cyberwar, where victory depends on hacking other peoples’ secrets and protecting your own. Now, with the “Vault 7” release from WikiLeaks, it looks as though the youngest wing of the CIA is surprisingly porous. While it remains to be seen exactly what the rest of “Vault 7” will bring, the first batch of files appear to come almost exclusively from within the new directorate.
Of course, has CIA long engaged in cyber-espionage. Before Brennan established a new digital directorate, offensive cyber operations were undertaken by the CIA’s Information Operations Center. One of the Vault 7 files, called “Fine Dining,” gives a detailed overview of how the CIA’s cyber capabilities support operations in the field. Spies could request support to digitally surveil everyone from foreign governments to system administrators to their own “assets” or sources, even if their contact with the target was less than one minute long.
Unlike the Snowden disclosures, the initial Vault 7 release does not have much to say about exactly who the CIA was targeting and whether it have engaged in domestic spying. The techniques described in the files—surreptitiously implanted malware, hoarded “zero day” attacks,” and eavesdropping to smart TVs—are advanced but not mind-blowing. What is more surprising is how an agency charged with protecting the nation’s secrets apparently failed to keep track of its own. Vault 7 figures to be the most serious public breach of CIA secrecy since 1969, when case officer Philip Agee resigned and wrote a firsthand exposé on covert CIA activities in Latin America.
Last summer, the new directorate’s deputy director told Bloomberg that a “well-meaning but incompetent insider” is at fault for cyber breaches. That the WikiLeaks documents would come from within the new DDI is especially embarrassing for Brennan, who served as Obama’s White House counter-terrorism advisor during years when the administration pursued multiple investigations into journalists and their sources. Even as Brennan was publicly blaming Edward Snowden for the 2015 Paris attacks, he appears to have had some trouble mopping up the leaks in his own house. According to WikiLeaks, the CIA’s “hacking arsenal” was “circulated among former U.S. government hackers and contractors in an unauthorized manner.” While it is possible that the unauthorized circulation occurred after Brennan’s departure, in January 2017, the documents themselves date from 2013 to 2016, years when Brennan was pushing through his internal overhaul.
In November, Reuters published a long report on Brennan’s re-organization plan, which concluded the plan would involve “weakening the role of the Directorate of Operations.” The CIA has long had internal friction between Operations and Analysis. The Intercept reported in November last year that Trump’s national security team is considering reversing Brennan’s reforms. The most controversial part of Brennan’s re-organization is the creation of ten new “mission centers,” based around individual issues and regions, that brought analysts and career case officers together on a single staff. Some in Operations saw Brennan as representative of perceived defects in the analyst culture—data-driven, risk-adverse, with an increasing bias for signals intelligence over on-the-ground human sources.
A former CIA employee from the directorate of operations, who asked not be named because of the classified nature of their work, said many inside the agency were critical of Brennan’s reforms. “The joke we’d tell about Brennan was that big ops carry big risk, little ops carry little risk, and no ops carry no risk,” they said.