The CIA is responsible for stealing its tools for secret piracy
The CIA is responsible for stealing its tools for secret piracy

According to a new report, the CIA's leak of up to 34 terabytes of information, the largest data loss in CIA history, is the result of a very tolerant practice.

In early 2017, WikiLeaks released detailed information about highly classified CIA hacking tools. The researchers confirmed that it was part of a large number of confidential documents stolen from a highly secure isolated proxy network.

WikiLeaks named it the leak chain (Vault 7), which revealed many of the CIA's secret secrets.

Confidentiality includes simple SMS programs that agency agents use to hack Cisco network adapters, and a tool called (Sonic Screwdriver) that attacks the Mac system because the tool uses Apple's expandable firmware interface to initiate a security breach.

The data enabled researchers at Symantec Security Corporation to classify the following hacking organizations from the CIA and LongHorn since 2011.

Agency officials quickly met with the WikiLeaks staff to investigate practices that led to the loss of large amounts of data. Seven months after Vault 7 leaked, the task force first published a report assessing the extent and cause of the damage.

The results include the spread of a culture within the agency's Intrusion Section (CCI) - a shortcut to the Cyber ​​Intelligence Center - where the spread of their cyber skills to maintain security and control takes precedence over damage in the wrong hands.

Part of the report concluded that daily security practices, for example, have become very loose: a network that shares network functionality with hackers from other organizations has not followed basic practices in the main network. That are designed to identify and mitigate internal problems. Data theft by insiders.

"Most of our sensitive electronic weapons are fragmented, users exchange passwords at the system administrator level, there is no effective control of removable media, and historical data can be made available to users indefinitely."

The report notes that the CCI's Secret Service focuses on manufacturing cyber weapons and ignores setting mitigation options when detecting these tools. At the expense of security.

The team said: The network design failure is just one of many successive CIA mistakes that caused the leak.
  • It does not allow a single official to be able to ensure the safe construction and maintenance of all corporate information systems throughout its life cycle.
  • There is no guarantee that our ability to protect information systems from emerging threats will follow the growth of these systems across the company.
  • Failure to use a warning sign to act means that someone with access to classified CIA information poses an unacceptable risk to national security.
The team said that the CIA employee responsible for the Vault 7 leak stole up to 34 terabytes of data in the spring of 2016. The stolen data contained the entire content, for example: the agency's collaboration and communication platform (called (Confluence)) called a code repository ( hidden).

However, the team is full of confidence in WikiLeaks and believes that WikiLeaks has never had the final version of so-called hacking tools and code in the gold case. The report shows that the volume of gold is better protected.

Save 80.0% on select products from RUWQ with promo code 80YVSNZJ, through 10/29 while supplies last.

HP 2023 15'' HD IPS Laptop, Windows 11, Intel Pentium 4-Core Processor Up to 2.70GHz, 8GB RAM, 128GB SSD, HDMI, Super-Fast 6th Gen WiFi, Dale Red (Renewed)
Previous Post Next Post