The CIA Has Lost Control Of Its Cyber Weapon Documents

Information about purported CIA cyber-attacks was "passed around" among members of the US intelligence community and contractors before it was published by WikiLeaks, Julian Assange says.

The CIA "lost control of its entire cyber-weapons arsenal," the WikiLeaks editor-in-chief said during a press conference recently. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it."

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

WikiLeaks discovered the CIA documents because they were being shared among a "number" of people in the US intelligence community "in an unauthorised fashion," he said.

Assange questioned whether former President Barack Obama or current President Donald Trump had been informed that the CIA had lost control of the cyber-weapons documents.

The documents show the CIA has developed attacks for iPhones, Android phones, smart TVs, and major computer operating systems. Vendors say they are looking into the vulnerabilities described in the documents, with Apple saying it has already fixed most of the iOS vulnerabilities described.

WikiLeaks will work with tech vendors to help them fix vulnerabilities described in the documents, Assange said, repeating an earlier promise.

The CIA has declined to confirm the authenticity of the documents. Asked about Assange's claim that the documents were passed out, Dean Boyd, director of the agency's Office of Public Affairs, said: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

The CIA also noted that its surveillance is aimed at intelligence targets outside the US.

The CIA's mission is to "aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries," agency spokeswoman Heather Fritz Horniak said by email. "It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less."

While not confirming the documents' authenticity, the US public should be troubled by any WikiLeaks' disclosure "designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries," she added.

"Such disclosures not only jeopardize US personnel and operations but also equip our adversaries with tools and information to do us harm."

WikiLeaks' press conference was broadcast on Periscope, with Twitter users encouraged to tweet questions. Several viewers of the broadcast called on Obama and former Democratic presidential candidate Hillary Clinton to be arrested, with others encouraging WikiLeaks to publish information on the disproven Pizzagate conspiracy theory.

"Do you have #pizzagate intel and if so, when will you release it! We need to save these children sooner rather than later," one participant tweeted.

Another participant asked: "My question: Can you ask your friends at Guccifer to hack & spill the beans on the Trump admin?"

Computer  World

CIA Silent about Wikileaks Agency Files:

Is There Good News Concerning CIA Spying?:

 

 

« Now China Tells US To Stop Spying
Could Hackers Turn the Lights Out? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

Spambrella

Spambrella

Spambrella provides email security with real-time threat protection. 100% SaaS (nothing to install)

Fidelis Security

Fidelis Security

Fidelis Security is a leading provider of extended threat detection and response (XDR) solutions for your security operations.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

AdaptiveMobile Security

AdaptiveMobile Security

AdaptiveMobile Security, a world leader in mobile network security, protecting more than 2.2 billion subscribers worldwide.

OneTrust

OneTrust

OneTrust is the largest and most widely used technology platform to operationalize privacy, security and third-party risk management.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

Liquid Technology

Liquid Technology

Liquid Technology provide DOD- and NIST-compliant data destruction and EPA-compliant e-waste disposal and recycling services throughout North America, Europe and Asia.

CyberSecJobs.com

CyberSecJobs.com

CyberSecJobs.com is a career site and job fair company providing services and resources to the cyber security community.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Samurai Digital Consulting

Samurai Digital Consulting

Samurai Digital Security are a cyber and Information security services provider, specialising in penetration testing, incident response, user awareness and information governance solutions.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

ACSG Corp

ACSG Corp

ACSG Corp is a Critical Infrastructure Protection Company with a multi-disciplinary focus on building analytics software for various industry sectors.

Dr Web

Dr Web

Since 1992 the Russian anti-virus Dr.Web has been helping companies to keep their digital assets protected and operate in a secure digital environment.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.