Home Security Vault 7: CIA increased risk of leaks, claims WikiLeaks

The CIA has increased the risk of proliferation of its weaponised malware by making the entire collection unclassified, according to WikiLeaks.

Describing it as "one of the most astounding intelligence own goals in living memory", it pointed out that the implants, zero-days, listening posts and command and control system were all unclassified and therefore gave the agency very little legal recourse in the event that they were leaked.

WikiLeaks said the reason for making these assets unclassified was because the CIA's targets had to be often tracked by listening over the Internet.

"If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet.

"Consequently the CIA has secretly made most of its cyber spying/war code unclassified," the organisation said.

Overnight, WikiLeaks dumped a huge amount of CIA documents and files which it said were the first tranche that it would release.

WikiLeaks claimed that hacking operations were increasingly being dressed up in military language to obtain funding from money allocated to the defence department.

"For instance, attempted 'malware injections' (commercial jargon) or 'implant drops' (NSA jargon) are being called 'fires' as if a weapon was being fired," it noted.

Malware which is used by the CIA is designed to live on a target's devices in order that data can be exfiltrated back to the CIA's command and control servers. Hence, these servers needed to be on the public Internet and could not be certified to hold classified material and hence were left unclassified, WikiLeaks said.

"A successful 'attack' on a target's computer system is more like a series of complex stock manoeuvres in a hostile take-over bid or the careful planting of rumors in order to gain control over an organisation's leadership rather than the firing of a weapons system," it said.

"If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military manoeuvres against the target's territory including observation, infiltration, occupation and exploitation."

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities