Spies’ Growing Pains

The CIA has had to rethink human intelligence.

First the bad news. Last month marked the anniversary of the deadliest attack on CIA employees in a quarter century. On Dec. 30, 2009, a man the CIA believed was an al Qaeda informant, but who was actually a double agent, blew himself up on a CIA base in Khost, Afghanistan. He killed seven CIA employees and contractors, including one of the top trackers of al Qaeda working in government at the time. An official review determined the employees in Khost relaxed their rigid security procedures because they didn't want to alienate the informant, who they badly wanted to believe could provide the whereabouts of top terrorist leaders, including Osama bin Laden's deputy.

The bomber wasn't put through a metal detector, nor was he given a thorough pat-down to see whether he might be hiding explosives on his body.

Now the good news. In November 2010, the CIA, working with their counterparts in Saudi Arabia, averted two possible midair disasters when they intercepted and defused bombs cleverly hidden inside computer printers. That victory was also the product of human intelligence, which this time turned out to be genuine. In fact, it was so specific that officials were able to identify the deadly packages by their UPS and FedEx tracking numbers.

What do we make of these two cases, which had such vastly different outcomes? It's this: The war on terror will be won or lost on the strength of human intelligence-the tips, leads and, yes, information obtained under duress that the CIA has been trying to gather with mixed results since the Sept. 11 attacks.

Most of the foiled terrorist plots in the past year were the result of so-called HUMINT. The plot to use beauty products to build subway bombs, the cargo bombs attempt, and a string of drone strikes in Pakistan that have taken out top terrorist leaders all depended on human spies providing specific enough details for U.S. officials to take action. Soon after the 9/11 attacks, intelligence experts predicted the CIA would have to recruit a network of spies abroad to get inside al Qaeda terrorist rings. That's happening now.

The drone strikes offer the best indication of how dependable the spy network in Pakistan has become. If we're to believe the reporting from official sources, and from the terrorists themselves, people on the ground are helping to show the CIA where to aim its planes and their missiles. Without this information, the drones have nothing to attack.

And yet the Khost bombing makes us question whether the CIA is as skilled with its spies as the drone war suggests. Officials were duped by their Jordanian informant. They believed he could lead them to al Qaeda's inner circle and that he had developed a public cover as a militant jihadist. The fact that he played the CIA so well means we have to question its basic process for vetting potential spies. Headquarters now is doing just that. Officials are assigning more, and presumably better-trained, counterintelligence officers to detect dubious informants and double agents. One wonders why it took seven deaths to get this kind of rigor into the process.

The attack in Khost and the intelligence victories of late remind us-tragically-that spying isn't a perfect business, and we shouldn't expect it to be. But they also remind us that no amount of sophisticated technology can replace the eyes and ears on the ground.

Shane Harris is the author of The Watchers: The Rise of America's Surveillance State, which comes out in paperback this month.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.