recommended reading

CIA Accused of Hacking Senate Staffer Computers

Sen. Mark Udall, D-Colo.

Sen. Mark Udall, D-Colo. // Susan Walsh/AP

The Central Intelligence Agency is under investigation for allegedly spying on the Senate Intelligence Committee, panel Chairwoman Dianne Feinstein confirmed Wednesday.

The CIA is prohibited from spying on Americans, and spying on members of Congress and their staff would raise particular concerns about the separation of powers. Congress created the House and Senate Intelligence committees in the 1970s to oversee the CIA, the National Security Agency, and other spy agencies after uncovering a slew of spying abuses.

The CIA's internal watchdog, its inspector general, is reviewing whether CIA agents hacked into the computers of Senate staffers who were involved in producing a report critical of the agency's now-defunct detention and interrogation program, The New York Times reported Wednesday. According to McClatchy, the inspector general's office has asked the Justice Department to investigate the case.

The committee worked on the 6,300-page interrogation report for years. The report, which remains classified, concluded that brutal interrogation techniques produced little valuable intelligence. Last June, the CIA responded with its own 122-page report challenging particular facts and the conclusion of the Senate's document. Ending the interrogation program was one of President Obama's first acts in office.

Sen. Mark Udall, a Colorado Democrat and member of the Intelligence panel, wrote a letter to Obama on Tuesday, urging him to support declassification of the full report. Udall referred vaguely to the CIA's alleged spying on the committee.

"As you are aware, the CIA has recently taken unprecedented action against the Committee in relation to the internal CIA review, and I find these actions to be incredibly troubling for the Committee's oversight responsibilities and for our democracy," Udall wrote. "It is essential that the Committee be able to do its oversight work—consistent with our constitutional principle of the separation of powers—without the CIA posing impediments or obstacles as it is today."

In December, Udall said the committee obtained internal CIA documents that were "consistent with the Intelligence Committee's report" and contradicted the CIA's official response.

According to The New York Times, the CIA believed that the committee may have somehow gained unauthorized access to the agency documents. The agency began its alleged spying of the committee to investigate how the documents were obtained, according to the news report.

A CIA spokesman declined to comment on the inspector general's probe. Caitlin Hayden, a White House spokewoman, also declined to comment on the investigation or when the president learned of possible spying on the Senate committee.

But she said the White House believes that the "findings and conclusion" of the interrogation report should be declassified, with appropriate redactions.

Christopher Anders, a legislative counsel for the American Civil Liberties Union, said that if the CIA in fact spied on the Senate Intelligence Committee, it would be an "outrageous violation of separation of powers."

"CIA surveillance of Congress would be another sign that the intelligence community has come to believe that they are above the law, and should get only deference from the other branches of government, not the meaningful oversight that's required by the Constitution," Anders said.

"Checks and balances, especially for agencies like the CIA and NSA that have many secret operations, are essential for democratic government. At the very least, these reports should spur the committee to vote quickly for the declassification and release of its full report into the CIA's torture program so the American people can see what it is that the CIA is so eager to hide."

The existence of the investigation into CIA spying appears to explain a question that Democratic Sen. Ron Wyden asked CIA Director John Brennan in January. Wyden pressed Brennan on whether a federal law that bans unauthorized hacking into computers applies to the CIA. At the time, Brennan said he was unsure and would have to get back to the senator in writing.

On Wednesday, after news broke of the alleged CIA spying, Wyden released Brennan's letter responding to the question. Brennan said that the anti-hacking law does in fact apply to the CIA, but he noted that the law expressly "does not prohibit any lawful authorized investigative, protective, or intelligence activity."

Threatwatch Alert

Credential-stealing malware / User accounts compromised / Software vulnerability

Android Malware Infects More than 1M Phones, Adds 13,000 Devices a Day

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.