UPDATED 22:37 EDT / JUNE 17 2020

SECURITY

Infamous ‘Vault 7’ CIA data breach resulted from lax cybersecurity

The infamous “Vault 7” theft of secret hacking tools and documents from the U.S. Central Intelligence Agency in 2016 resulted from lax cybersecurity practices at the agency, according to an inquiry in 2017 that has only now been partially published.

Information and tools stolen in the hack were published through 2017 by Wikileaks and included revelations that the CIA was using the tools to target more than a dozen countries and well as companies both domestic and international. The many revelations included tools used by the CIA to compromise Apple Inc. products, network switches from Cisco Systems Inc. and others.

The CIA created a Wikileaks Task Force to dig into how the breach occurred, finding that its Center for Cyber Intelligence was more interested in hacking others than in protecting itself. Some of the findings included a failure to detect security incidents rapidly, failing to act on warnings signs of potentially risky employees, moving too slowly to enact security safeguards, a lack of user activity monitoring and server monitoring, and no effective removable media controls.

The parts of the report were made public by Senator Ron Wyden in a letter Tuesday to the Director of National Intelligence.

“The 2017 CIA WikiLeaks Task Force report noted that, ‘This wake-up call presents us with an opportunity to right longstanding imbalances and lapses, to reorient how we view risk… We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change,'” Wyden wrote. “Three years after that report was submitted, the intelligence community is still lagging behind and has failed to adopt even the most basic cybersecurity technologies in widespread use elsewhere in the federal government. The American people expect you to do better, and they will then look to Congress to address these systematic problems.”

Ilia Sotnikov, vice president of product management at data security firm Netwrix Corp., told SiliconANGLE that the problem is that the majority of organizations, especially smaller businesses, will never reach the level of protection against tools used by nation-state attackers.

“This puts incredible pressure on cybersecurity vendors and the industry, as well as cybersecurity professionals,” Sotnikov explained. “However, the main lesson we should all learn is that we shouldn’t ignore cybersecurity basics even if the budget and access to new technologies cannot be compared to what the CIA had.”

Sotnikov noted that given this is the CIA, it’s unlikely many details will be revealed. “We can expect a congressional investigation, but most likely a good part of that will be classified,” Sotnikov said. “This sets a challenge for all organizations to get ready for advanced attacks with no information on what to be beware of.”

Photo: Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.