The CIA and its major security incident

18.06.2020


The Washington Post recently reminded us of the leak of top-secret hacking tools that occurred in 2016 as a result of a questionable choice the CIA made. The agency was said to have prioritised creating cyber weapons over investing in the security of its own systems. The incident was described as the most appalling breach of classified data ever to have happened to the CIA. The agency became aware of the issue only a year after the confidential information was stolen, and only because it was published on WikiLeaks.

The crime was believed to have been committed by a CIA employee. Many intelligence operations had to be cancelled. The published report made the CIA look more interested in boosting its armory than actually securing it.

In a way, the exposure on WikiLeaks turned out to be beneficial for the agency – at least it was informed about the problem. It might have stayed unaware had the data not surfaced, or had it been appropriated by a spy working for an enemy.




The Washington Post was provided with the task force report by the office of Sen. Ron Wyden, who insisted on building a solid cybersecurity framework for the agency.

The breach allegedly affected 34 terabytes of data which comprised almost 2.2 billion pages – the exact amount couldn’t be established as the CIA hacking group didn’t demand that the network be monitored.

The former CIA employee accused of taking the hacking tools and releasing them on WikiLeaks pleaded not guilty – the information he accessed was as available to any other employee and contractor as it was to him. The evidence of terrifyingly unguarded systems spoke in favour of the defendant.

According to the report, the hacking tools were stored in mission systems, which were set apart from the perfectly protected enterprise information technology systems – the insider threat detection integrated there was even claimed to be the best.

The claim of a low level of security was disputed, though it was admitted that some misunderstanding had taken place between the unit supervisors and those who maintained the network.

“…it appears that the most powerful and best-funded intelligence agencies on the planet are unable to stop the bleeding of their own data,” Thomas Rid, an information security professor at Johns Hopkins University’s School of Advanced International Studies, concluded.

