The CIA Has Lost Control Of Its Cyber Weapon Documents

Information about purported CIA cyber-attacks was "passed around" among members of the US intelligence community and contractors before it was published by WikiLeaks, Julian Assange says.

The CIA "lost control of its entire cyber-weapons arsenal," the WikiLeaks editor-in-chief said during a press conference recently. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it."

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

WikiLeaks discovered the CIA documents because they were being shared among a "number" of people in the US intelligence community "in an unauthorised fashion," he said.

Assange questioned whether former President Barack Obama or current President Donald Trump had been informed that the CIA had lost control of the cyber-weapons documents.

The documents show the CIA has developed attacks for iPhones, Android phones, smart TVs, and major computer operating systems. Vendors say they are looking into the vulnerabilities described in the documents, with Apple saying it has already fixed most of the iOS vulnerabilities described.

WikiLeaks will work with tech vendors to help them fix vulnerabilities described in the documents, Assange said, repeating an earlier promise.

The CIA has declined to confirm the authenticity of the documents. Asked about Assange's claim that the documents were passed out, Dean Boyd, director of the agency's Office of Public Affairs, said: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

The CIA also noted that its surveillance is aimed at intelligence targets outside the US.

The CIA's mission is to "aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries," agency spokeswoman Heather Fritz Horniak said by email. "It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less."

While not confirming the documents' authenticity, the US public should be troubled by any WikiLeaks' disclosure "designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries," she added.

"Such disclosures not only jeopardize US personnel and operations but also equip our adversaries with tools and information to do us harm."

WikiLeaks' press conference was broadcast on Periscope, with Twitter users encouraged to tweet questions. Several viewers of the broadcast called on Obama and former Democratic presidential candidate Hillary Clinton to be arrested, with others encouraging WikiLeaks to publish information on the disproven Pizzagate conspiracy theory.

"Do you have #pizzagate intel and if so, when will you release it! We need to save these children sooner rather than later," one participant tweeted.

Another participant asked: "My question: Can you ask your friends at Guccifer to hack & spill the beans on the Trump admin?"

Computer  World

CIA Silent about Wikileaks Agency Files:

Is There Good News Concerning CIA Spying?:

 

 

« Now China Tells US To Stop Spying
Could Hackers Turn the Lights Out? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

HackLabs

HackLabs

HackLabs is a penetration testing company providing services for network security, web application security and social engineering testing.

National Cyber-Forensics & Training Alliance (NCFTA)

National Cyber-Forensics & Training Alliance (NCFTA)

NCFTA is a trusted alliance of private industry and law enforcement partners dedicated to information sharing and disrupting cyber-related threats.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

GOVCERT.lu

GOVCERT.lu

GOVCERT.lu is responsible for the treatment of all computer related incidents jeopardising the information systems of the government and defined critical infrastructure operators in Luxembourg.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

Com Olho

Com Olho

Com Olho provides the measurement, analytics, quality assurance, and fraud protection technologies brands need for their business and customers.

Halcyon

Halcyon

Halcyon is the industry’s first dedicated, adaptive security platform focused specifically on stopping ransomware attacks.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.