CIA’s Cyber Security Exposed in Historic Data Breach

In 2017, WikiLeaks revealed that an elite CIA hacking group had been breached, and it published an exorbitant amount of CIA data, specifically the agency's cyber warfare tools and weapons. According to CNN, an internal report published on Tuesday by the CIA reveals that one of the agency's own employees took advantage of this specialized group and its “woefully lax” security and gave the secret hacking tools to WikiLeaks. The trove of information was taken, ironically, from the CIA’s Center for Cyber Intelligence (CCI), and WikiLeaks named the collection “Vault 7”. Vault 7 contained all of the cyber weapons and tools the CIA used to attempt to hack into older versions of Macs through iOS systems.

“All of the documents reveal, to varying degrees, CIA’s tradecraft in cyber operations,” says the report. An example of the CIA’s Mac-hacking techniques released by WikiLeaks involves a program dubbed “Achilles.” This 2011 program was designed for use against Snow Leopard Macs, and although there are few details on how effectively it was implemented, it required users to install a doctored app. Ex-CIA employee Adam Schulte, who sent the data to WikiLeaks, had previously published knowledge of this and other Mac exploits and is reportedly still under investigation for doing so.

The amount of data stolen is still unknown due to the lack of security provided for the systems taken, the memo said, but it could be anywhere between 180 GB and as much as 34 terabytes of data. The report also mentions that the CIA was unaware that it had even been breached until the WikiLeaks report came out in 2017. While the CIA declined to comment on any specific report, agency spokesperson Timothy Barrett told CNN, “CIA works to incorporate best-in-class technologies to keep ahead of and defend against ever-evolving threats.”

The task force memo was released Tuesday by Sen. Ron Wyden, a Democrat from Oregon on the Senate Intelligence Committee. The report released on Tuesday is heavily edited but clearly states that the breach came as a result of a series of security deficiencies “over years that too often prioritized creativity and collaboration at the expense of security.” The Senator’s report also shows that the CIA had no safeguards or protections for these cyber weapons if they were to fall into the wrong hands. “Most of our sensitive cyber weapons were not compartmented, users shared systems administrator-level passwords, there were no effective removable media controls, and historical data was available to users indefinitely,” the Senator’s report reads. 

Senator Wyden wrote a letter to the Director of National Intelligence, John Ratcliffe, asking for more information in the form of “unclassified answers” to questions raised by the report, as well as how the agency plans to act on its multiple recommendations for future security. Wyden also asked Ratcliffe to provide him, by July 17th, with unclassified answers to a set of questions on applying cybersecurity activities within the intelligence community.