The CIA Has Lost Control Of Its Cyber Weapon Documents

Uploaded on 2017-03-15 in INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

Information about purported CIA cyber-attacks was "passed around" among members of the US intelligence community and contractors before it was published by WikiLeaks, Julian Assange says.

The CIA "lost control of its entire cyber-weapons arsenal," the WikiLeaks editor-in-chief said during a press conference recently. "This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it."

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

WikiLeaks discovered the CIA documents because they were being shared among a "number" of people in the US intelligence community "in an unauthorised fashion," he said.

Assange questioned whether former President Barack Obama or current President Donald Trump had been informed that the CIA had lost control of the cyber-weapons documents.

The documents show the CIA has developed attacks for iPhones, Android phones, smart TVs, and major computer operating systems. Vendors say they are looking into the vulnerabilities described in the documents, with Apple saying it has already fixed most of the iOS vulnerabilities described.

WikiLeaks will work with tech vendors to help them fix vulnerabilities described in the documents, Assange said, repeating an earlier promise.

The CIA has declined to confirm the authenticity of the documents. Asked about Assange's claim that the documents were passed out, Dean Boyd, director of the agency's Office of Public Affairs, said: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

The CIA also noted that its surveillance is aimed at intelligence targets outside the US.

The CIA's mission is to "aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries," agency spokeswoman Heather Fritz Horniak said by email. "It is CIA's job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less."

While not confirming the documents' authenticity, the US public should be troubled by any WikiLeaks' disclosure "designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries," she added.

"Such disclosures not only jeopardize US personnel and operations but also equip our adversaries with tools and information to do us harm."

WikiLeaks' press conference was broadcast on Periscope, with Twitter users encouraged to tweet questions. Several viewers of the broadcast called on Obama and former Democratic presidential candidate Hillary Clinton to be arrested, with others encouraging WikiLeaks to publish information on the disproven Pizzagate conspiracy theory.

"Do you have #pizzagate intel and if so, when will you release it! We need to save these children sooner rather than later," one participant tweeted.

Another participant asked: "My question: Can you ask your friends at Guccifer to hack & spill the beans on the Trump admin?"

Computer  World

CIA Silent about Wikileaks Agency Files:

Is There Good News Concerning CIA Spying?:

 

 

« Now China Tells US To Stop Spying
Could Hackers Turn the Lights Out? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

4Secure

4Secure

4Secure is a cyber security company providing services and solutions to counter and respond to the most sophisticated and targeted cyber threats.

Becrypt

Becrypt

Becrypt is a trusted provider of endpoint cybersecurity software solutions. We help the most security conscious organisations to protect their customer, employee and intellectual property data.

Illumio

Illumio

Illumio delivers adaptive security for every computing environment, protecting the 80% of data center and cloud traffic missed by the perimeter.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

Securd

Securd

Securd takes opportunities away from your cyber adversaries. Cloud-delivered zero-trust DNS firewall and web filtering protection keep your business network and remote employees safe.

Gigit

Gigit

Gigit’s Service portfolio focuses on your business’ needs and the integration of comprehensive cybersecurity policies, plans, procedures, and practices into your business culture and operations.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

UK Cyber Security Association (UKCSA)

UK Cyber Security Association (UKCSA)

The UK Cyber Security Association (UKCSA) is a membership organisation for individuals and organisations who actively work in the cyber security industry.

Gem Security

Gem Security

Gem is on a mission to help security operations evolve into the cloud era, and stop cloud threats before they become incidents.

Appknox

Appknox

Appknox is the world’s most powerful plug-and-play security platform that helps developers, security researchers, and enterprises to build a safe and secure mobile ecosystem.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

CyberSalus

CyberSalus

CyberSalus is a pioneering cyber tech services company dedicated to protecting the digital integrity of healthcare organizations.