The CIA Has Lost Control Of Its Cyber Weapon Documents

Uploaded on 2017-03-15 in INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

Information about purported CIA cyber-attacks was "passed around" among members of the US intelligence community and contractors before it was published by WikiLeaks, Julian Assange says.

The CIA "lost control of its entire cyber-weapons arsenal," the WikiLeaks editor-in-chief said during a press conference recently. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it."

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

WikiLeaks discovered the CIA documents because they were being shared among a "number" of people in the US intelligence community "in an unauthorised fashion," he said.

Assange questioned whether former President Barack Obama or current President Donald Trump had been informed that the CIA had lost control of the cyber-weapons documents.

The documents show the CIA has developed attacks for iPhones, Android phones, smart TVs, and major computer operating systems. Vendors say they are looking into the vulnerabilities described in the documents, with Apple saying it has already fixed most of the iOS vulnerabilities described.

WikiLeaks will work with tech vendors to help them fix vulnerabilities described in the documents, Assange said, repeating an earlier promise.

The CIA has declined to confirm the authenticity of the documents. Asked about Assange's claim that the documents were passed out, Dean Boyd, director of the agency's Office of Public Affairs, said: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

The CIA also noted that its surveillance is aimed at intelligence targets outside the US.

The CIA's mission is to "aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries," agency spokeswoman Heather Fritz Horniak said by email. "It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less."

While not confirming the documents' authenticity, the US public should be troubled by any WikiLeaks' disclosure "designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries," she added.

"Such disclosures not only jeopardize US personnel and operations but also equip our adversaries with tools and information to do us harm."

WikiLeaks' press conference was broadcast on Periscope, with Twitter users encouraged to tweet questions. Several viewers of the broadcast called on Obama and former Democratic presidential candidate Hillary Clinton to be arrested, with others encouraging WikiLeaks to publish information on the disproven Pizzagate conspiracy theory.

"Do you have #pizzagate intel and if so, when will you release it! We need to save these children sooner rather than later," one participant tweeted.

Another participant asked: "My question: Can you ask your friends at Guccifer to hack & spill the beans on the Trump admin?"

Computer  World

CIA Silent about Wikileaks Agency Files:

Is There Good News Concerning CIA Spying?:

 

 

« Now China Tells US To Stop Spying
Could Hackers Turn the Lights Out? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

DTS Solution

DTS Solution

DTS Solution delivers advanced cyber security solutions through is technology partnerships with industry leading security vendors and advanced consulting services.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

HackHunter

HackHunter

HackHunter’s passive sensor network continuously monitors, detects and alerts when a malicious WiFi network and/or hacking behaviour is identified.

iSecurity Consulting

iSecurity Consulting

iSecurity delivers a complete lifecycle of digital protection services across the globe for public and private sector clients.

Meditology

Meditology

Meditology Services is a top-ranked provider of information risk management, cybersecurity, privacy, and regulatory compliance consulting services exclusively for healthcare organizations.

Evina

Evina

Evina offers the most advanced cybersecurity and fraud protection for mobile payment.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Creative Destruction Lab (CDL)

Creative Destruction Lab (CDL)

Creative Destruction Lab is a nonprofit organization that delivers an objectives-based program for massively scalable, seed-stage, science- and technology-based companies.

Unisys

Unisys

Unisys is a global information technology company providing industry-focused solutions integrated with leading-edge security to clients in the government, financial services and commercial markets.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

CoGuard

CoGuard

CoGuard is a patented solution that uses AI driven automation to provide fast, cost effective white-box penetration testing, infrastructure audits and infrastructure design services.

Maveris

Maveris

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission.