acm-header
Sign In

Communications of the ACM

ACM News

Elite CIA Unit that Developed Hacking Tools Failed to Secure its Own Systems, Allowing Massive Leak


View as: Print Mobile App Share:
The Central Intelligence Agency symbol on the floor of the agency's headquarters in Langley, VA.

A new report found the theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agencys elite computer hackers prioritized building cyber weapons at the expense of securing their own systems.

Credit: Mark Wilson/Getty Images

The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency's elite computer hackers "prioritized building cyber weapons at the expense of securing their own systems," according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the current director.

The breach — allegedly by a CIA employee — was discovered a year after it happened, when the information was published by WikiLeaks, in March 2017. The anti-secrecy group dubbed the release "Vault 7," and U.S. officials have said it was the biggest unauthorized disclosure of classified information in the CIA's history, causing the agency to shut down some intelligence operations and alerting foreign adversaries to the spy agency's techniques.

The October 2017 report by the CIA's WikiLeaks Task Force, several pages of which were missing or redacted, portrays an agency more concerned with bulking up its cyber arsenal than keeping those tools secure. Security procedures were "woefully lax" within the special unit that designed and built the tools, the report said.

 

From The Washington Post
View Full Article

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account