Exclusive: New report unveils how CIA scheme color revolutions around the world 獨家：新報告揭示中央情報局如何策劃全球顏色革命 by Yuan Hong May 03 2023

For a long time, the US Central Intelligence Agency (CIA) has plotted “peaceful evolution” and “color revolutions” as well as spying activities around the world and a report released by China’s National Computer Virus Emergency Response Center and Chinese internet security company 360 on Thursday unveiled the main technical means that CIA has used to scheme and promote unrest around the world .

In its first part, the report provides background information and outlines that since the beginning of the 21st century, the rapid development of the internet has offered “new opportunity” for CIA’ infiltration activities and overturning in other countries and any institutions or individuals around the world that use US digital equipment or software could be turned into the CIA’s “puppet agent.”

For decades, the CIA has overthrown or attempted to overthrow at least 50 legitimate governments abroad, while the CIA has only recognized seven of these instances, causing turmoil in related countries. Whether it is the “color revolution” in Ukraine in 2014, the “sunflower revolution” in Taiwan, China, or the “saffron revolution” in Myanmar in 2007, the “green revolution” in Iran in 2009, and other attempted “color revolutions” – all have the US intelligence agencies behind, according to the report.

The US’ leading position in technologies of telecommunication and on-site command in the world has provided unprecedented possibilities for the US intelligence departments to launch “color revolutions” abroad. The report released by the National Virus Emergency Response Center and 360 disclosed five methods commonly used by the CIA.

The first is to provide encrypted network communication services. In order to help protesters in some countries in the Middle-East keep in touch and avoid being tracked and arrested, an American company, which is reportedly with a US military background, has developed TOR technology that can access the internet and is untraceable – the Onion Router technology.

The servers encrypt all information that flows through them to help certain users to surf the web anonymously. After the project was launched by American companies, it was immediately provided free of charge to anti-government elements in Iran, Tunisia, Egypt and other countries and regions to ensure that those “dissident youth who want to shake their own government’s rule” can avoid the scrutiny and monitor of the government, according to the report.

The second method of the CIA is to provide offline communication services. For example, in order to ensure that anti-government personnel in Tunisia, Egypt and other countries can still keep in touch with the outside world, Google and Twitter quickly launched a special service called “Speak2Tweet,” which allows users to dial and upload voice for free to leave a message.

These messages are automatically converted into tweets and then uploaded to the internet, and publicly released through Twitter and other platforms to complete the “real-time report” of the incident scene, said the report.

The third method is to provide on-site command tools for rallies and parades based on the internet and wireless communications. The report released on Thursday noted that the US RAND Corporation has spent several years developing a non-traditional regime change technology called “swarming,” which is used to help a large number of young people connected through the internet join the “one shot for another place” mobile protest movement, greatly Improve the efficiency of on-site command of the event.

The fourth is an American developed software, called “Riot.” The software supports 100 percent independent broadband network, provides variable WiFi network, does not rely on any traditional physical access method, does not need telephone, cable or satellite connection, and can easily escape any form of government monitoring.

With the help of the above-mentioned powerful network technology and communication technology, the CIA planned, organized and implemented a large number of “color revolution” events around the world.

The last one is the “anti-censorship” information system. The US State Department developed it and regards the research and development of the system as an important task and has injected more than $30 million into the project.

Moreover, the National Virus Emergency Response Center and 360 company have spotted Trojan horse programs or plug-ins that related to the CIA in recent cyberattacks targeting China. The public security authorities have investigated these cases, the Global Times has learned.

Aside from the five methods CIA has used to incite unrest globally, through further technical analysis, the National Virus Emergency Response Center and 360 company also identified another nine methods used by the CIA as “weapons” for cyberattacks, including attack module delivery, remote control, information collection and stealing, and third-party open- source tools.

The response center and the 360 company also spotted an information-stealing tool used by the CIA, which is also one of the 48 advanced cyber weapons exposed in the confidential document of the US National Security Agency.

The discovery of these information-stealing tools shows that the CIA and the US National Security Agency will jointly attack the same victim, or share cyberattack weapons with each other, or provide relevant technical or human support, according to the report.

These new findings also offer important new evidence in tracing the identity of the APT-C-39 attackers. In 2020, the 360 company independently discovered an APT organization that had never been exposed to the outside world, and named it APT-C-39. The organization specifically targets China and its friendly countries to carry out cyberattack and stealing activities, and its victims are spread all over the world.

The Thursday report also noted that the danger of CIA attack weapons can be glimpsed from third-party open-source tools as it often uses these tools to carry out cyberattacks.

The initial attack of the CIA cyberattack operation will generally be carried out against the victim’s network equipment or server. After obtaining the target authority, it will further explore the network topology of the target organization and move to other networked devices in the internal network to steal more sensitive information and data.

The controlled target computer is monitored in real time for 24 hours, all information will be recorded. Once a USB device is connected, the private files in the victim’s USB device will be monitored and automatically stolen. When conditions permit, the camera, microphone and GPS positioning device on the user terminal will be remotely controlled and accessed, according to the report.

The report noted that these CIA cyber weapons use standardized espionage technical specifications and various attack methods echo and interlock and have now covered almost all internet and IoT assets in the world, and can control other countries’ networks anytime, anywhere to steal important and sensitive data from other countries.

The American-style cyber hegemony is evident, the report notes.

In response to the highly systematic, intelligent, and concealed cyberattacks launched by the CIA against China, it is important for domestic government agencies, scientific research institutions, industrial enterprises, and commercial organizations to quickly find out and deal with them in the first place, the report claims.

The report suggests that in order to effectively deal with imminent network and real-world threats, while adopting self-controllable localized equipment, China should organize self-inspection and self-inspection APT attacks as soon as possible, and gradually establish a long-term defense system to achieve comprehensive Systematic prevention and control against advanced threat attacks.