CIA leak 'absolutely' an 'inside job'

Former CIA Deputy Director Mike Morell has said that the WikiLeaks' dump of documents it claims are from the top-secret CIA hacking program is "absolutely" an "inside job."

Speaking with "CBS This Morning," Morell said the spy agency should be asking itself whether the leaker was a staff employee or a contractor, and whether there were any "red flags" that were missed.

When asked whether it’s clear to him that this could have been an inside job, Morell answered, "Absolutely."

"This data is not shared outside CIA. It's only inside CIA," Morell said. "It's on CIA's top secret network, which is not connected to any other network. So, this has to be an inside job."

WikiLeaks has said it will not reveal its source.

Morell warned against WikiLeaks' plan to share the technical details on the CIA's surveillance operation with tech companies, whose products were mentioned in the documents as being vulnerable to the spy program.

Morell said this information is "valuable" to US adversaries, because if obtained, they can search their own networks for any CIA bugs.

In the first wave of what it dubbed the "Vault 7" publications, WikiLeaks dumped more than 8,700 documents that it claims reveal the inner workings of the CIA's secret hacking program from 2013 to 2016. The CIA's malware, Trojans and weaponised viruses have the capability of bypassing encryption protection in a wide range of devices made in Europe and US, including Apple's iPhone, Google's Android and Microsoft's Windows, as well as smart TVs, turning them into covert microphones.

While the CIA wouldn't say whether the WikiLeaks documents are real, and would not confirm reports that it is investigating any leaks, it warned that any time WikiLeaks publishes something that could hurt the CIA's ability to do its job is a problem.

"The American public should be deeply troubled by any WikiLeaks disclosure designed to damage the intelligence community's ability to protect America against terrorists and other adversaries," a CIA spokesperson said in a statement. "Such disclosures not only jeopardise US personnel and operations, but also equip our adversaries with tools and information that do us harm."

Two other former heads of the CIA, former CIA Director Michael Hayden and former acting CIA Director John McLaughlin, expressed concerns this week about the timing of the "Vault 7" document dump, saying it brought to mind Russian interference allegedly aimed at helping President Trump.

Former CIA director David Petraeus said the leak could be as damaging to national security as former NSA contractor Edward Snowden's 2013 leak of secret information from the National Security Agency's surveillance programs.

Washingtons Examiner:

 

« New App Minimising Police Violence
Estonian Honey Trap »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

NSIDE Attack Logic

NSIDE Attack Logic

NSIDE Attack Logic simulates real-world cyber attacks to detect vulnerabilities in corporate networks and systems.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Renesas Electronics

Renesas Electronics

Renesas Electronics delivers trusted embedded design innovation with solutions that enable billions of connected, intelligent devices to enhance the way people work and live - securely and safely.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Nexor

Nexor

Nexor are a UK-based cyber security company with 30 years' experience in secure information exchange.

Infopercept Consulting

Infopercept Consulting

Infopercept is a leading cybersecurity company in India, providing a critical layer of security to protect business information, infrastructure & assets across the organization.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Mindmajix Technologies

Mindmajix Technologies

Mindmajix is a live and interactive e-learning platform that offers professional online IT training in areas including cyber security.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

Tech Seven Partners

Tech Seven Partners

At TechSeven Partners, we provide a full suite of cyber security solutions for your business including network monitoring, onsite and cloud backup solutions, HIPAA or PCI compliance.

Cyber Unit

Cyber Unit

Cyber Unit offer next level protection from cyber attacks in packages and pricing options that are accessible to smaller organizations.

ZainTech

ZainTech

Zaintech is a regional digital & ICT solutions provider offering comprehensive digital solutions and services to enterprise and government customers in the MENA region.