‘‘Woefully lax’ security led to WikiLeaks Vault 7 dump’, June 17, 2020, scmagazine.com (my bolds and italics)
“Sen. Ron Wyden, D-Ore., pressed new Director of National Intelligence John Ratcliffe to detail security measures taken to safeguard sensitive intelligence after an internal CIA report said “woefully lax security” at the Center for Cyber Intelligence led to the “largest data loss in CIA history” – the leak of hacking tools to WikiLeaks.
Wyden had obtained a copy of the nearly three-year-old report on the 2017 “Vault 7” leak that occurred a year after hackers stole what could be as much as 34 TB of data.
“We failed to recognize or act in a coordinated fashion on warning signs that a person or persons with access to CIA classified information posed an unacceptable risk to national security,” the WikiLeaks Task Force report said, noting that “in a press to meet growing and critical mission needs, CCI had prioritized building cyber weapons at the expense of securing their own systems.”
The information released by WikiLeaks over time offered insight into the “CIA’s tradecraft in cyber operations.”
Sen. Wyden “is quite right in asking why what amounts to standard security practices in the industry are not being adopted by the CIA,” said Oliveira. “After all, they are in the business of acquiring intelligence often through cyber offensive methods and are technically aware of how to exploit vulnerable systems, such as those that are not protected by MFA.”
The DNI has asked for $62.8 billion, according to public figures, which Oliveira said “should allow them to carve out a slice of that money to address the questions posed by Sen. Wyden.”
Hell’s bells; the DNI should give Assange the Medal of Freedom for demonstrating how insanely vulnerable the CIA’s security is! Will any elected officials call for the CIA to be disbanded as JFK had, as well as the two authors mentioned here? Think CIA Psyops and Special Ops, as well.
‘Who needs ‘Russian hackers’? Report reveals CIA incompetence to blame for Vault 7 breach’, Nebojsa Malic, June 17, 2020, RT.com
Vault 7 was the name given to cyber attack tools developed by the CIA’s Center for Cyber Intelligence (CCI), and published by WikiLeaks in March 2017. It was the largest data breach in Langley’s history, with long-lasting consequences. For example, Chinese cybersecurity companies recently used Vault 7 evidence to show that the US has been hacking China for over a decade.
While the CIA ineptitude is the obvious takeaway, no one seems to have noticed the real bombshell: the timing of the breach and its implications.
The report says the CIA “did not realize the loss had occurred until a year later, when WikiLeaks publicly announced it in March 2017.” Now, what all was happening between March 2016 and a year later? You guessed it: Russiagate!
Even as his own cyber arsenal was getting swiped from under his very nose, CIA chief John Brennan was obsessing about “Russian hackers” of the Democratic National Committee, or Hillary Clinton’s emails, or something – and pushing the bogus ‘Steele Dossier’ alleging Donald Trump’s collusion with Russia, which eventually made it into the infamous ‘Intelligence Community Assessment’ that accused Moscow of meddling in the 2016 US presidential election.
It gets worse. According to the report, “Had the data been stolen for the benefit of a state adversary and not published, we might still be unaware of the loss—as would be true for the vast majority of data on Agency mission systems.”
So if the mythic bogeymen ‘Russian hackers’ had actually wanted to harm the US, they could have just used the CIA’s own, unprotected cyberweapons to stage false flags and wreak havoc across the world? None of which happened, obviously. Yet Brennan and his confederates have been telling everyone for years that the Kremlin wanted to “hack our democracy” by publishing some Democrat emails and posting memes on social media!
In an irony of ironies, the Trump administration – run by a man who denounced the Iraq war and was falsely accused of working with WikiLeaks and Russia to get elected – is now seeking extradition of Julian Assange from the UK on trumped-up hacking charges related to the 2010 WikiLeaks revelations of US atrocities in Iraq.”
I reckon I don’t agree with the bolded above; for one, Julian’s been accused of ‘seeking hackers via honeytraps’ or some such as I remember it, and has long believed that the 17 charges of ‘Espionage’ against him followed close on the heels of WikiLeaks’ publication of Vault 7 (and one portion of Vault 8, perhaps).
Malic notes at the end that the alleged leaker, Joshua Schulte, whose trial in March ended with a hung jury, will be prosecuted again. His attorneys had argued that the CIA’s security was so lax that anyone on the team, even outsiders, could have accomplished it.
This page details some of the Devilish Capabilities of Vault 7 exploits, but you can read details of the 20+ programs and releases at WikiLeaks’ Vault 7 page.
‘Apple Claims WikiLeaks’ CIA Vault 7 ‘Dark Matter’ iOS And Mac Exploits Are Outdated’, March 24, 2017, hothardware.com
Meanwhile, Thomas Scripps at wsws has reported that Julian was too ill to attend his June 2 administrative hearing by video link from Belmarsh Gitmo.
“His lawyers told the court he was too ill to attend via videolink from Belmarsh prison and was suffering from a “respiratory problem”. Assange’s partner Stella Morris explained later that Assange’s doctor had advised him not to visit the videoconferencing room to minimise his chance of exposure to coronavirus.
Assange has a chronic lung condition and his health has been ruined by years of psychological torture and medical neglect. He is now effectively being tried in absentia, under pain of a potentially fatal contraction of COVID-19.”
His extradition trial is slated to begin in September, if… Well, anyway, send him as many good vibrations and thought-prayers as you’re able.
(cross-posted at caucus99percent.com)
Something about ignoring the log in one’s own eye comes to mind. Pretty large log, that Vault 7!
i loved the link that said (while describing some of the evil exploits of vault 7) that ‘apple claimed they were out of date’!
ron wyden’s part and comments in all this were pretty suspect, but one link had noted this, whatever it means:
“In a June 16 letter, Wyden demanded that Ratcliffe explain why the intelligence community hasn’t protected its .gov domains with multifactor authentication, despite a 2019 emergency directive by CISA to implement the measure after reports that *Iranian hackers* were engaged in a Domain Name System infrastructure hijacking campaign. The IC’s Joint Worldwide Intel Communications System (JWICS) also hasn’t adopted DMARC, the senator wrote.”
when one of the Program names showed vault 7 itself could obscure or rename domains… and wasn’t wyden allegedly a foe of the NSA at one point? of course, that organization has more power now than it had earlier. go figure.
nice to see you, and i hope you’re doing well, ww.
Parody. Castro helped CIA kill JFK? These are the ones wanting disbanding of CIA that you cite? Fucking creepy . . . .
Fucking creepy — https://sonsoflibertymedia.com/time-disband-cia/
oh, my; didn’t i blow right by that. and here i’d thought one of the reasons kennedy’d been assassinated was *because* he’d talked about disbanding the cia. nice catch.
i’d skipped right to:
“Of the many books about the CIA, written by both apologists and critics, only a few authors have found the true key to decipher the mystery behind this secretive organization. One of them is Col. L. Fletcher Prouty, U.S. Air Force (Ret.), and the other is Ralph W. McGehee, a retired CIA officer.”
but over yonder i’d reminded readers of former member of the Company philip agee’s noting that both NED and USAID are cia cut-outs, as well as the cia and mi6 having begun their penchants for overthrowing secular mossadegh in 1953 (for british petroleum) in favor of their favorite Shah.
good to see you, and many thanks for the correction.
“lax security”; ya think? from the daily dot, june 16:
“The report further found that the CIA’s hacking tools, developed by the agency’s Center for Cyber Intelligence, were not properly isolated and that access was too widespread.
“Users shared systems administrator-level passwords, there were no effective removable media [thumb drive] controls, and historical data was available to users indefinitely,” the report stated.
Given that the CIA wasn’t monitoring access, it still to this day remains unclear how much data was actually stolen. The agency believes as much as 2.2 billion pages of classified information may have been taken in total.”
and thanks again, paul. i apologized at c99% for what i’d missed, and you’d caught about cia agent castro killing kennedy.
thank you juliania; it looks like a sea change in reporting. wish scott morrison weren’t so much like trump and boris johnson. wonder why the previews were so much more salacious than the program that emerged?
from vault 7:
i followed a few seemingly false trails as the cia program that creates false flags, from Umbrage to Hive…but finally saw Marble in a video. see what you think; i’m quite a luddite.
Marble Framework 31 March, 2017
Today, March 31st 2017, WikiLeaks releases Vault 7 “Marble” — 676 source code files for the CIA’s secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.
Marble does this by hiding (“obfuscating”) text fragments used in CIA malware from visual inspection. This is the digital equivalent of a specialized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.
Marble forms part of the CIA’s anti-forensics approach and the CIA’s Core Library of malware code. It is “[D]esigned to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop.”
The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.
The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.
The Marble Framework is used for obfuscation only and does not contain any vulnerabilities or exploits by itself.
Ed Schultz at RT (2027) had mentioned Hive in regard to Kaspersky Lab in moscow, but a former CIA said: Nah, the agents wouldn’t do anything illegal…i’ll go look and see if i can make any sense of Hive.
i looked for Umbrage on the cia vault 7 list
and discovered i’d had to do an internal search. it popped up in several related parts, but it was far beyond my ken, so i bingled externally for it and found:
‘WikiLeaks: CIA hacking group ‘UMBRAGE’ stockpiled techniques from other hackers’, march 2017, usatoday.com
A division of the Central Intelligence Agency stockpiled hacking techniques culled from other hackers, giving the agency the ability to leave behind the “fingerprints” of the outside hackers when it broke into electronic devices, the anti-secrecy group WikiLeaks alleges as it released thousands of documents Tuesday.
The documents also suggest that one of the agency’s divisions – the Remote Development Branch’s UMBRAGE Group – may have been cataloguing hacking methods from outside hackers, including in Russia, that would have allowed the agency to mask their identity by employing the method during espionage.
“With UMBRAGE and related projects the CIA can not only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” Wikileaks said in a statement.