The President of USA, Donald Trump, gave additional powers to the CIA, in 2018, to carry out cyber attacks around the world. In particular, Yahoo News reported that the CIA used the new powers given to it to execute at least twelve businesses worldwide. The CIA had already been authorized to conduct silent surveillance and surveillance as well as to collect data, but its new powers allow it to do even more. These include, but are not limited to, catastrophic actions such as leakage data, as a former US government official told Yahoo News. While the former official did not provide details about each operation, Yahoo News reporters believe that the new forces and the CIA modus operandi are linked to a number of hack-and-dump incidents which occurred mainly in 2019. Some of these incidents are the following:
- Posted in Telegram, hacking tools (malware) from APT34, a hacking group linked to Iran.
- Leakage of approximately 15 million credit cards from three Iranian banks linked to Iran's IRGC.
- Violation of two companies providing cyber solutions and surveillance solutions for the Russian intelligence agency FSB, and sharing of data on Internet through a hacktivist group called the Digital Revolution.
- Doxing of Islamic Revolutionary Guard Corps (IRGC) intelligence agents in the Telegram, revealing their names, home addresses, phone numbers and social media profiles.
According to Yahoo News, such businesses would never have been approved by the previous ones governments of the USA, who were always very careful when attacking foreign opponents, fearing overthrow. However, in 2018, Trump "broke away" from the established White House stance on this issue and signed a document called “President finding”, enabling the CIA to plan and carry out covert cyber-attacks at its discretion and not under the supervision of the National Council Security (NSC).
However, this decision of Trump divides senior US officials. On the one hand, some officials feared that the decision would have negative consequences and provoke reactions from foreign opponents. On the other hand, some expressed concern about the NSC's lack of oversight. NSC oversight used to control them services US intelligence agencies, such as the CIA, when orchestrating and approving cyber-attacks on foreign soil, ensuring that services such as the CIA and NSA went through the proper process that would once take years from planning to execution. There were also intelligence officials who were particularly receptive and "enthusiastic" about Trump's decision, calling it a "necessary reform" to make the CIA more flexible and speed up foreign response times. attacks.
Finally, the countries in which the CIA cyberattacks took place are under consideration, but former US officials have stated that the document Russia, The China, Iran and North Korea, among others, but the actual number of countries is estimated to be higher.