CIA Incompetence Led to WikiLeaks’ Vault 7 Publications


‘“Woefully lax” security led to WikiLeaks Vault 7 dump’,
June 17, 2020, scmagazine.com (my bolds and italics)

“Sen. Ron Wyden, D-Ore., pressed new Director of National Intelligence John Ratcliffe to detail security measures taken to safeguard sensitive intelligence after an internal CIA report said “woefully lax security” at the Center for Cyber Intelligence led to the “largest data loss in CIA history” – the leak of hacking tools to WikiLeaks.

Wyden had obtained a copy of the nearly three-year-old report on the 2017 “Vault 7” leak that occurred a year after hackers stole what could be as much as 34 TB of data.

“We failed to recognize or act in a coordinated fashion on warning signs that a person or persons with access to CIA classified information posed an unacceptable risk to national security,” the WikiLeaks Task Force report said, noting that “in a press to meet growing and critical mission needs, CCI had prioritized building cyber weapons at the expense of securing their own systems.”

The information released by WikiLeaks over time offered insight into the “CIA’s tradecraft in cyber operations.”
………………………………………………………
Sen. Wyden “is quite right in asking why what amounts to standard security practices in the industry are not being adopted by the CIA,” said Oliveira. “After all, they are in the business of acquiring intelligence often through cyber offensive methods and are technically aware of how to exploit vulnerable systems, such as those that are not protected by MFA.”

The DNI has asked for $62.8 billion, according to public figures, which Oliveira said “should allow them to carve out a slice of that money to address the questions posed by Sen. Wyden.”

Hell’s bells; the DNI should give Assange the Medal of Freedom for demonstrating how insanely vulnerable the CIA’s security is! Will any elected officials call for the CIA to be disbanded as JFK had, as well as the two authors mentioned here? Think ‘CIA Psyops & Special Ops’ as well.

‘Who needs ‘Russian hackers’? Report reveals CIA incompetence to blame for Vault 7 breach’, Nebojsa Malic, June 17, 2020, RT.com

Vault 7 was the name given to cyber attack tools developed by the CIA’s Center for Cyber Intelligence (CCI), and published by WikiLeaks in March 2017. It was the largest data breach in Langley’s history, with long-lasting consequences. For example, Chinese cybersecurity companies recently used Vault 7 evidence to show that the US has been hacking China for over a decade.

While the CIA ineptitude is the obvious takeaway, no one seems to have noticed the real bombshell: the timing of the breach and its implications.

The report says the CIA “did not realize the loss had occurred until a year later, when WikiLeaks publicly announced it in March 2017.” Now, what all was happening between March 2016 and a year later? You guessed it: Russiagate!

Even as his own cyber arsenal was getting swiped from under his very nose, CIA chief John Brennan was obsessing about “Russian hackers” of the Democratic National Committee, or Hillary Clinton’s emails, or something – and pushing the bogus ‘Steele Dossier’ alleging Donald Trump’s collusion with Russia, which eventually made it into the infamous ‘Intelligence Community Assessment’ that accused Moscow of meddling in the 2016 US presidential election.

It gets worse. According to the report, “Had the data been stolen for the benefit of a state adversary and not published, we might still be unaware of the loss—as would be true for the vast majority of data on Agency mission systems.”

So if the mythic bogeymen ‘Russian hackers’ had actually wanted to harm the US, they could have just used the CIA’s own, unprotected cyberweapons to stage false flags and wreak havoc across the world? None of which happened, obviously. Yet Brennan and his confederates have been telling everyone for years that the Kremlin wanted to “hack our democracy” by publishing some Democrat emails and posting memes on social media!
……………………………………
In an irony of ironies, the Trump administration – run by a man who denounced the Iraq war and was falsely accused of working with WikiLeaks and Russia to get elected – is now seeking extradition of Julian Assange from the UK on trumped-up hacking charges related to the 2010 WikiLeaks revelations of US atrocities in Iraq.

I reckon I don’t agree with the bolded above; for one, Julian’s been accused of ‘seeking hackers via honeytraps’ or some such as I remember it, and has long believed that the 17 charges of ‘Espionage’ against him followed close on the heels of WikiLeaks’ publication of Vault 7 (and one portion of Vault 8, perhaps).

Malic notes at the end that the alleged leaker, Joshua Schulte, whose trial in March ended with a hung jury, will be prosecuted again. His attorneys had argued that the CIA’s security was so lax that anyone on the team, even outsiders, could have accomplished it.

This page details some of the Devilish Capabilities of Vault 7 exploits, but you can read details of the 20+ programs and releases at WikiLeaks’ Vault 7 page.

‘Apple Claims WikiLeaks’ CIA Vault 7 ‘Dark Matter’ iOS And Mac Exploits Are Outdated’, March 24, 2017, hothardware.com

Meanwhile, Thomas Scripps at wsws has reported that Julian was too ill to attend his June 2 administrative hearing by video link from Belmarsh Gitmo.

“His lawyers told the court he was too ill to attend via videolink from Belmarsh prison and was suffering from a “respiratory problem”. Assange’s partner Stella Morris explained later that Assange’s doctor had advised him not to visit the videoconferencing room to minimise his chance of exposure to coronavirus.

Assange has a chronic lung condition and his health has been ruined by years of psychological torture and medical neglect. He is now effectively being tried in absentia, under pain of a potentially fatal contraction of COVID-19.”

His extradition trial is slated to begin in September, if…  Well, anyway, send him as many good vibrations and thought-prayers as you’re able.


(cross-posted from Café Babylon)


Comments

RantingRooster's picture

I am not surprised one bit. None, nada, zip, zilch, fucking ZERO!

[video:https://youtu.be/NkWE_tDaEyY]


C99, my refuge from an insane world. #ForceTheVote

mimi's picture

@RantingRooster
or who put this video together?

RantingRooster's picture

@mimi a larger video that was produced by StormCloudsGathering youtube channel. I forgot the guy's actual name.

If I'm not mistaken, it was from a speech he gave like 7 days before he was assassinated.

"Rule from the Shadows - The Psychology of Power - Part 1"
[video:https://youtu.be/p8ERfxWouXs]


Roy Blakeley's picture

@RantingRooster The secret society to which he was referring was communism.

wendy davis's picture

@Roy Blakeley

but that was gladio time, no? now we know far more about how cubano doctors work to save the world in terms of the present pandemic, and aid other socialist nations in so many ways. we also know that the average cubano's standard of living is greater than the average USian, not to mention their low GINI co-efficient (do i have that right?: relative equality among the lower classes and upper classes?)

this country needs more ché guevaras, more simon bolivars, and yes, imo: even more evo moraleses (and other true eco-socialists from 'our backyard').

wendy davis's picture

@RantingRooster

it is to hear his voice on the subject. one thing i remembered later was this other weirdness from ron wyden, and if anyone can decode it for me, i'd appreciate it:

In a June 16 letter, Wyden demanded that Ratcliffe explain why the intelligence community hasn’t protected its .gov domains with multifactor authentication, despite a 2019 emergency directive by CISA to implement the measure after reports that Iranian hackers were engaged in a Domain Name System infrastructure hijacking campaign. The IC’s Joint Worldwide Intel Communications System (JWICS) also hasn’t adopted DMARC, the senator wrote.

china, russia, and iran do pop up a lot. not to mention that it was the CIA and MI6 who'd been instrumental in the overthrow of secular Mossadegh (who'd nationalized iran's oil) in 1953 in favor of their favorite Shah.

philip agee (former member of 'the Company') had often said both the National Endowment for Democracy (NED), and USAID were both CIA cut-outs.

just a quick perusal of teh Wiki (yeah, i know) said he'd found a plethora of CIA in VZ working for ReXXon Oil. does it ever change? how many CIA operatives have been trying to overthrow governments from within, pretending they're grassroots insurrections?

Pluto's Republic's picture

@wendy davis

...CIA-asset special interest publishers, and CIA cohort organizations including CFR and the Atlantic Council, all agitating about one single false-flag hoax-that-never-happened (re: the Uyghurs) in China, which resulted in sanctions yesterday, infuriating the Chinese. I'd agitate back and expose the easily debunked hoax, but Americans have too much brain damage and I'd have to do all the heavy lifting by myself. I can't carry two superpowers around on my back. I'm busy with my own problems.

Regarding the Ron Wyden thing, are you referring to "multifactor authentication?" That just means that someone with a password cannot log in to a secure account unless they confirm their identity from two separate types of registered media on demand, like Internet and telephone. It's very effective at stopping nosey intrusions from phishing or social engineering. Those are technically not hacking events. And "multifactor authentication" does not defend against hacking. Wyden is right to be pissed, but the whole government is sloppy and unaccountable.


____________________

The political system is what it is because the People are who they are. — Plato
wendy davis's picture

@Pluto's Republic

so much weight is on your shoulders, no: i was referring to what i'd bolded:

"...after reports that Iranian hackers were engaged in a Domain Name System infrastructure hijacking campaign. The IC’s Joint Worldwide Intel Communications System (JWICS) also hasn’t adopted DMARC, the senator wrote."

...which is precisely what one of the vault 7 exploits was in aid of. i could look up which one of the 20+ names, but i'm so tired after a very long day in RL.

later: may the gods forgive my idiocy: i just spent 20 minutes binging externally for the name of the exploit, but followed too many false breadcrumb trails on 'hits' i'd gotten.

Pluto's Republic's picture

You know, basically this whole thing boils down to the irrational fears of a genocide nation, permanently on the run from karma and retribution. It's definitely coming....

On that note, DEFUND US FOREIGN POLICY.

And lock it in an insane asylum.

wendy davis's picture

@Pluto's Republic

the US Empire: largest purveyor of terrorism globally™ according to global polls. which, of course, includes Nato and Africom.

any idea about joe biden's statements on julian assange? all i could find was from 2010 as obomba's VP ('close to high-tech terrorist'). his re-election campaign site said nothing, and wasn't searchable.

wendy davis's picture

paul haeder just stopped by the café and said that the sons of liberty had said this of JFK:

i'd written:

Will elected official call for the CIA to be disbanded as JFK had, as well as the two authors mentioned here?

'here' being the sons of liberty's 'disband the cia':

"After the disaster at the Bay of Pigs[2] President Kennedy in private cursed “CIA bastards” for luring him into the debacle and told a friend he wanted to “splinter the CIA into a thousand pieces and scatter it into the winds.”[3] Then, he fired CFR agent and CIA Director Allen Dulles. Soon after, it was the CIA, in close collaboration with their agent Castro, the ones who splintered Kennedy into a thousand pieces.[4]"

i'd blown right by it; my apologies; i'd gone straight to the two authors.

wendy davis's picture

from the daily dot, june 16:

The report further found that the CIA’s hacking tools, developed by the agency’s Center for Cyber Intelligence, were not properly isolated and that access was too widespread.

“Users shared systems administrator-level passwords, there were no effective removable media [thumb drive] controls, and historical data was available to users indefinitely,” the report stated.

Given that the CIA wasn’t monitoring access, it still to this day remains unclear how much data was actually stolen. The agency believes as much as 2.2 billion pages of classified information may have been taken in total.
Pluto's Republic's picture

@wendy davis

wendy davis's picture

@Pluto's Republic

although the jury's still out. julian assange? i shudder to think what's likely to be that hero's fate, as he seems to be already shimmering between life...and the other side. i try to imagine what it's like being both julian and chelsea, but i admit it's impossible, especially as i'm unable to sustain what it might be like...before i bail out in depression...and rage.

wendy davis's picture

thank you all for the good discussion. i need a trip into the Mystic, you may as well. good night.

these lyrics knock me out:

i want rock your gypsy soul...
just like way back in the days of old...

[video:https://www.youtube.com/watch?v=_6r2P4W9Yog]

Cassiodorus's picture

Any discussion of state secrets always begs the question of who these secrets are being kept from. It appears that, even if we didn't have Wikileaks, we'd still be able to find out a fair portion of their "secrets," all of course without knowing whether or not the "secrets" in question were officially "secrets." All of which leads to the notion that the point of "secret"-keeping is not to make anything secret, but rather to destroy the lives of those who talk about certain things the shadow government finds uncomfortable to discuss.


"The war on Gaza, backed by the West, is a demonstration that the West is willing to cross all lines. That it will discard any nuance of humanity. That it is willing to commit genocide" -- Moon of Alabama

wendy davis's picture

@Cassiodorus

ars technica says that some of these exploits were already known in the wild, maybe by a group called...er...'Leghorn'?

but here's how the wiki opens on vault 7:

Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, that detail activities and capabilities of the United States' Central Intelligence Agency to perform electronic surveillance and cyber warfare. The files, dated from 2013–2016, include details on the agency's software capabilities, such as the ability to compromise cars, smart TVs,[1] web browsers (including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera Software ASA), and the operating systems of most smartphones (including Apple's iOS and Google's Android), as well as other operating systems such as Microsoft Windows, macOS, and Linux[5][6]. A CIA internal audit identified 91 malware tools out of more than 500 tools in use in 2016 being compromised by the release.

the entry said they'd talked to different 'experts' about the 'false flags', and most gave the notion thumbs down, so i dunno what's up with that. but clearly, 'russians hacked the DNC' and the fake fingerprints left in communications put paid to that, imo.

thus: frame iran, frame iran, china... ars technica's coverage drove this point home again, and added a bit more:

"Furthermore, CCI focused on building cyber weapons and neglected to also prepare mitigation packages if those tools were exposed. These shortcomings were emblematic of a culture that evolved over years that too often prioritized creativity and collaboration at the expense of security."

If there's a silver lining in the report, it's this: the task force assessed with moderate confidence that WikiLeaks never obtained final versions of hacking tools and source code that were housed in the so-called Gold folder.
"The Gold folder was better protected," the report said. "WikiLeaks so far has released data in Stash despite the availability of newer, easier to exploit versions of tools in Gold."

thanks again for the chuckles, cass.

up
3 users have voted.

a thank you note to Julian.

up
2 users have voted.

"Without the right to offend, freedom of speech does not exist." Taslima Nasrin

wendy davis's picture

@Fishtroller 02

your ear to the ground! did you learn what's inside the note? (sorry; gallows humor may be totally inappropriate right now...)

but may i add: ‘CIA has been hacking China for 11 YEARS, says Chinese cybersecurity firm citing Vault 7 leak’, 3 Mar, 2020, RT.com

US spies have been hacking into Chinese aviation, energy, internet and even government sectors for more than a decade, Beijing-based cybersecurity firm Qihoo 360 said after a probe based on ‘Vault7’ tools published by WikiLeaks.

Coming from a major and reputable Chinese cybersecurity vendor, the accusations – made public on Monday on the company’s blog, in both English and Chinese – carry extra weight. According to Qihoo, a group of hackers designated APT-C-39 has been confirmed as coming from the US Central Intelligence Agency.

The attacks were traced as far back as September 2008, with the greatest concentration of targets in Beijing, Guangdong and Zhejiang provinces, the company said. Among the targeted sectors were civil aviation, scientific research institutions, oil and petroleum industries, internet companies and Chinese government.

The cybersecurity firm came to a conclusion that the attack was initiated by a “state-level hacking organization” because the hackers had used “CIA-exclusive cyber weapons” such as Fluxwire and Grasshopper – long before they were publicly revealed to have been developed by US spies, when WikiLeaks published the so-called “Vault7” cache of documents in March 2017.

Control commands and encryption schemes of APT-C-39 also lined up with Vault7 disclosures, while compilation times matched “North American business hours,” Qihoo said.
..................................
Another Chinese antivirus company, Qi-Anxin, published a report in September 2019 also accusing the CIA of hacking Chinese companies, notably the aviation sector. Qi-Anxin’s research was also based on analyzing CIA software made public by WikiLeaks.

up
4 users have voted.

@wendy davis

I actually explored the Vault 7 release a bit when it came out.

And poor Joe Biden... Julian put a damper on his meetings with world leaders.

https://www.theguardian.com/media/2010/dec/19/assange-high-tech-terroris...


"Without the right to offend, freedom of speech does not exist." Taslima Nasrin

wendy davis's picture

@Fishtroller 02

that it was the diplomatic cables (and especially the 'collateral murder' video) that was the 'Big Revelation', but julian had always said it was the publication of Vault 7 that brought the espionage charges and pedal to the metal Fear and Loathing. but it's easy to see why that was, isn't it?

for greenwald, klein, and other intercept 'fearless journalists' they'd smeared him silly in their publications' columns, but what got them was that they charged him with 'aiding and abetting our enemies', and specifically that wikiLeaks didn't vet everything with the Nat Sec state before publication as he and snowden did. good whistleblower/bad whistleblower became their mantra. #FuckThem. snowjob and GG started it first at the auckland town hall meet-up with kim dotcom, remember? with julian on a jumbo screen behind them?

He.was.not.amused. hope they're all happy now.

i explored 'reporting' (had forgotten most of it) on vault 7, lol, but good on ya, Fishtroller.

wendy davis's picture

i followed a few seemingly false trails as the cia program that creates false flags, from Umbrage to Hive...but finally saw Marble in a video. see what you think; i'm quite a luddite.

Marble Framework 31 March, 2017

Today, March 31st 2017, WikiLeaks releases Vault 7 "Marble" -- 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.
Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivalent of a specialized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.

Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code. It is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop."

The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.

The Marble Framework is used for obfuscation only and does not contain any vulnerabilities or exploits by itself.

Ed Schultz at RT (2027) had mentioned Hive in regard to Kaspersky Lab in moscow, but a former CIA said: Nah, the agents wouldn't do anything illegal...i'll go look and see if i can make any sense of Hive.

wendy davis's picture

and discovered i'd had to do an internal search. it popped up in several related parts, but it was far beyond my ken, so i bingled externally for it and found:

‘WikiLeaks: CIA hacking group 'UMBRAGE' stockpiled techniques from other hackers’, march 2017, usatoday.com

A division of the Central Intelligence Agency stockpiled hacking techniques culled from other hackers, giving the agency the ability to leave behind the "fingerprints" of the outside hackers when it broke into electronic devices, the anti-secrecy group WikiLeaks alleges as it released thousands of documents Tuesday.
.............................
The documents also suggest that one of the agency’s divisions – the Remote Development Branch’s UMBRAGE Group – may have been cataloguing hacking methods from outside hackers, including in Russia, that would have allowed the agency to mask their identity by employing the method during espionage.

“With UMBRAGE and related projects the CIA cannot only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” Wikileaks said in a statement.
