CIA leak 'absolutely' an 'inside job'

Uploaded on 2017-03-15 in INTELLIGENCE--USA, FREE TO VIEW

Former CIA Deputy Director Mike Morell has said that the WikiLeaks' dump of documents it claims are from the top-secret CIA hacking program is "absolutely" an "inside job."

Speaking with "CBS This Morning," Morell said the spy agency should be asking itself whether the leaker was a staff employee or a contractor, and whether there were any "red flags" that were missed.

When asked whether it’s clear to him that this could have been an inside job, Morell answered, "Absolutely."

"This data is not shared outside CIA. It's only inside CIA," Morell said. "It's on CIA's top secret network, which is not connected to any other network. So, this has to be an inside job."

WikiLeaks has said it will not reveal its source.

Morell warned against WikiLeaks' plan to share the technical details on the CIA's surveillance operation with tech companies, whose products were mentioned in the documents as being vulnerable to the spy program.

Morell said this information is "valuable" to US adversaries, because if obtained, they can search their own networks for any CIA bugs.

In the first wave of what it dubbed the "Vault 7" publications, WikiLeaks dumped more than 8,700 documents that it claims reveal the inner workings of the CIA's secret hacking program from 2013 to 2016. The CIA's malware, Trojans and weaponised viruses have the capability of bypassing encryption protection in a wide range of devices made in Europe and US, including Apple's iPhone, Google's Android and Microsoft's Windows, as well as smart TVs, turning them into covert microphones.

While the CIA wouldn't say whether the WikiLeaks documents are real, and would not confirm reports that it is investigating any leaks, it warned that any time WikiLeaks publishes something that could hurt the CIA's ability to do its job is a problem.

"The American public should be deeply troubled by any WikiLeaks disclosure designed to damage the intelligence community's ability to protect America against terrorists and other adversaries," a CIA spokesperson said in a statement. "Such disclosures not only jeopardise US personnel and operations, but also equip our adversaries with tools and information that do us harm."

Two other former heads of the CIA, former CIA Director Michael Hayden and former acting CIA Director John McLaughlin, expressed concerns this week about the timing of the "Vault 7" document dump, saying it brought to mind Russian interference allegedly aimed at helping President Trump.

Former CIA director David Petraeus said the leak could be as damaging to national security as former NSA contractor Edward Snowden's 2013 leak of secret information from the National Security Agency's surveillance programs.

Washingtons Examiner:

 

« New App Minimising Police Violence
Estonian Honey Trap »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

Data Security Council of India (DSCI)

Data Security Council of India (DSCI)

DSCI is a premier industry body on cyber security and data protection in India, committed to making the cyberspace safe, secure and trusted.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

Smart Contract Security Alliance

Smart Contract Security Alliance

The Smart Contract Security Alliance supports the blockchain ecosystem by building standards for smart contract security and smart contract audits.

Forgepoint Capital

Forgepoint Capital

ForgePoint Capital is a premier venture investor for early stage cybersecurity companies.

Ukrainian Academy of Cyber Security (UACS)

Ukrainian Academy of Cyber Security (UACS)

UACS is a professional non-profit public organization established to promote the development of an extensive network and ecosystem of education and training in the field of cyber security.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

Centre for Cyber Security Research and Innovation (CSRI) - Deakin University

Centre for Cyber Security Research and Innovation (CSRI) - Deakin University

CSRI solves the cyber security threats of tomorrow, today. We work with industry and government leaders on innovative research that has real-world impact.

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

Reach Security

Reach Security

Reach is the first generative AI platform purpose-built to empower enterprise security teams. With Reach, organizations measure, manage, and improve their enterprise security posture at scale.

RKON

RKON

RKON Technologies provides managed IT and cybersecurity services to organizations across various industries, helping businesses mitigate risks and secure their digital infrastructures.