The largest data leak in the history of the CIA, dating to 2016, occurred due to the negligence of employees – the elite part involved in the development of cyber weapons has dishonored their own information security, the Washington Post reports. Moreover, if the stolen information had not been published on WikiLeaks, the CIA might not have known about the hack at all.
The largest CIA leak of information about the hacking tools of the CIA in 2016 was the result of the negligence of members of an elite special services unit who “chose to develop cyber weapons instead of protecting their own systems.” This is stated in the CIA internal report, intended for the then director of the agency Mike Pompeo.
The fact of cyber burglary with the subsequent theft of classified information was revealed a year later – in 2017, it reminds the Washington Post. This happened after the information was published on the WikiLeaks website under the name “Vault 7”.
It is noted that if the project of Julian Assange had not made this data public, the CIA might not have learned about the leak.
“If this information had been stolen by foreign agents, no one would have suspected it,” the report said.
The former CIA employee Joshua Schulte is accused of the leak, it is believed that he used his work computer to access confidential files and then transferred them to WikiLeaks.
Schulte was charged with thirteen episodes, the combined punishment of which is 135 years in prison.
However, Schulte’s defense, using the aforementioned report, intends to prove that the CIA’s internal system was so poorly protected that absolutely any employee or contractor could access secret data. In particular, the password that protected this information looked like “123ABCdef”, which is completely unacceptable according to cybersecurity requirements.
The amount of stolen data could not be established for certain, but according to approximate data, it is 34 terabytes or 2.2 billion pages.
The first batch of Vault 7 documents appeared on the WikiLeaks website in March 2017. They say that the CIA used several dozen zero-day vulnerabilities – this term refers to vulnerabilities that have not been fixed or that cannot be defended yet. The work of exploit programs, as well as special viruses and trojans, was directed against devices on iOS, Android, and Windows platforms, as well as Samsung TVs with the Smart TV function, which was used as microphones.
In addition, according to documents, the CIA can circumvent the protection of WhatsApp, Signal, Telegram, Wiebo, Confide, and Cloackman instant messengers by breaking into a smartphone and stealing personal correspondence and audio files.
A spokesman for Russian President Vladimir Putin, Dmitry Peskov, after making this information public, said the Kremlin was interested in WikiLeaks documents.