The CIA Has Lost Control Of Its Cyber Weapon Documents

Uploaded on 2017-03-15 in INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

Information about purported CIA cyber-attacks was "passed around" among members of the US intelligence community and contractors before it was published by WikiLeaks, Julian Assange says.

The CIA "lost control of its entire cyber-weapons arsenal," the WikiLeaks editor-in-chief said during a press conference recently. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it."

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

WikiLeaks discovered the CIA documents because they were being shared among a "number" of people in the US intelligence community "in an unauthorised fashion," he said.

Assange questioned whether former President Barack Obama or current President Donald Trump had been informed that the CIA had lost control of the cyber-weapons documents.

The documents show the CIA has developed attacks for iPhones, Android phones, smart TVs, and major computer operating systems. Vendors say they are looking into the vulnerabilities described in the documents, with Apple saying it has already fixed most of the iOS vulnerabilities described.

WikiLeaks will work with tech vendors to help them fix vulnerabilities described in the documents, Assange said, repeating an earlier promise.

The CIA has declined to confirm the authenticity of the documents. Asked about Assange's claim that the documents were passed out, Dean Boyd, director of the agency's Office of Public Affairs, said: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

The CIA also noted that its surveillance is aimed at intelligence targets outside the US.

The CIA's mission is to "aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries," agency spokeswoman Heather Fritz Horniak said by email. "It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less."

While not confirming the documents' authenticity, the US public should be troubled by any WikiLeaks' disclosure "designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries," she added.

"Such disclosures not only jeopardize US personnel and operations but also equip our adversaries with tools and information to do us harm."

WikiLeaks' press conference was broadcast on Periscope, with Twitter users encouraged to tweet questions. Several viewers of the broadcast called on Obama and former Democratic presidential candidate Hillary Clinton to be arrested, with others encouraging WikiLeaks to publish information on the disproven Pizzagate conspiracy theory.

"Do you have #pizzagate intel and if so, when will you release it! We need to save these children sooner rather than later," one participant tweeted.

Another participant asked: "My question: Can you ask your friends at Guccifer to hack & spill the beans on the Trump admin?"

Computer  World

CIA Silent about Wikileaks Agency Files:

Is There Good News Concerning CIA Spying?:

 

 

« Now China Tells US To Stop Spying
Could Hackers Turn the Lights Out? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Axiomatics

Axiomatics

Axiomatics is the originator and leading provider of runtime, fine-grained authorization delivered with attribute-based access control (ABAC) for applications, data, APIs, and microservices.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

NPCore

NPCore

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

Kleiner Perkins

Kleiner Perkins

For five decades, Kleiner Perkins has made history by partnering with some of the most ingenious and forward-thinking founders in technology and life sciences.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

Sierra Ventures

Sierra Ventures

Sierra Ventures is an early-stage venture firm investing globally with a focus on Next Generation Enterprise and Emerging Technologies.

Sharktech

Sharktech

Sharktech designs, develops, and supports advanced DDoS protection and web technologies.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Leo CybSec

Leo CybSec

Leo CybSec unites a group of Cyber Security experts with 20+ years of collective expertise to help our clients realise and mitigate the cyber challenges and risks facing their business.

Sunnic

Sunnic

Sunnic is a leading provider of comprehensive digital data security technology.

SecondSight

SecondSight

SecondSight’s Vertical AI embodies a full-spectrum approach to cyber insurance, facilitating accurate digital risk profiling.

Aprio

Aprio

Aprio is a premier business advisory and accounting firm. We deliver advisory, tax, managed, and private client services to build value, drive growth, manage risk, and protect wealth.

Black Breach

Black Breach

Black Breach experts protect your organization from cyber threats with military-grade AI-tooled cybersecurity solutions.