The CIA couldn’t have made it any easier for hackers to steal their sophisticated cyberweapons if they gave them a key to the vault. The “largest theft of data in CIA history” occurred because they were so focused on building hacking tools that they didn’t know they were infested with moles. An employee, CNN reports, “took advantage of ‘woefully lax’ security and gave secret hacking tools to WikiLeaks.” A lot of them.
Cyberweapons stolen from within
The Central Intelligence Agency admitted the serious security breach, which happened back in 2016, in an internal memo released on Tuesday. The “clandestine” Center for Cyber Intelligence has no clue exactly what was stolen, only that it could total up to a whopping “34 terabytes of data.” CNN puts that in perspective as “the equivalent of 2.2 billion pages of text.”
The CIA didn’t even know they were hacked until a year after the crime occurred. They found out when WikiLeaks put out their “Vault 7” release in March of 2017. It was virtually the entire “catalog” of sophisticated cyberweapons available to law enforcement agencies on request.
The incident sparked the creation of a targeted “CIA WikiLeaks Task Force.” In October of 2017, they submitted their report to Mike Pompeo, since replaced as director by Gina Haspel, when he shifted over to Secretary of State. On Tuesday, the CIA finally made public a heavily redacted version of what the task force found.
They never saw it coming
Our highest intelligence officials admit that they didn’t have a single clue and nobody saw it coming. “We failed to recognize or act in a coordinated fashion on warning signs that a person or persons with access to CIA classified information posed an unacceptable risk to national security.” It’s not like national security is their job or anything.
The CIA refused to answer any “specific” questions about the stolen cyberweapons, but spokesperson Timothy Barrett did relate, “CIA works to incorporate best-in-class technologies to keep ahead of and defend against ever-evolving threats.” Now everyone else has them too, so they aren’t that far ahead anymore.
Another thing they aren’t actually drawing attention to is the fact that it wasn’t an isolated incident. According to their own report, the leak happened from a series of security lapses “over years that too often prioritized creativity and collaboration at the expense of security.”
Democrats got more than they bargained for
The cyberweapons breach memo was released to the public this week by Democrat Senator Ron Wyden, who sits on the Senate Intelligence Committee. He originally was provided an “incomplete, redacted version” of the report from the Justice Department and it made him curious to see the rest, so he asked. Our new Director of National Intelligence, John Ratcliffe, said sure, and sent it over. Now, Wyden is digging for more about “widespread cybersecurity problems across the intelligence community.”
The redacted version still has plenty of juicy details. It makes it crystal clear that the Agency didn’t have any idea how bad the theft was. Apparently, once you get clearance to work for the CIA, things like passwords and user names are no longer required. Considering that these are the guys who walk through security systems like they aren’t even there, they probably wouldn’t do much to keep anyone out of anything. What they would and should show is who accessed what and when.
As written in the report, the CCI system “unlike other parts of the Agency’s IT systems ‘did not require user activity monitoring or other safeguards.'” What that means is “most of our sensitive cyber weapons were not compartmented, users shared systems administrator-level passwords, there were no effective removable media controls, and historical data was available to users indefinitely.”
Too focused on building more weapons
The CCI was way too busy stockpiling cyberweapons. As noted by the task force, CCI “focused on building cyber weapons and neglected to also prepare mitigation packages if those tools were exposed.” The hackers never expected to be infiltrated from within. Even WikiLeaks noticed that “the CIA had become the globe’s pre-eminent hacking operation, sneaking into high-tech phones and televisions to spy on people worldwide.”
As part of the Vault 7 release, WikiLeaks published a whole bunch of notes detailing exactly how “the agency allegedly targeted individuals through malware and physical hacking on devices including phones, computers and TVs.” That’s why Edward Snowden refuses to use a cell phone.
The standard operating procedure at the CIA was to make their in-house hackers “appear as if they were Russian.” That phrase takes on new meaning now that we know what we know about the Obamagate scandal. Three years later, the security holes still haven’t been patched. “Three years after that report was submitted, the intelligence community is still lagging behind and has failed to adopt even the most basic cybersecurity technologies in widespread use elsewhere in the federal government,” Senator Wyden scolds.
The CIA focuses on the legality of what they did, while downplaying that the report talks about some tools “still under development by the intelligence community” and, more importantly, that “nearly all of the CIA’s arsenal of privacy-breaching cyberweapons had been stolen, and the tools are potentially in the hands of criminals and foreign spies.” Oops.