Jun 17, 2020 - Technology

Security failures led to biggest information breach in CIA history in 2016

The CIA logo in the lobby of CIA Headquarters in Langley, Va. Photo: SAUL LOEB/AFP via Getty Images

Systematic security failures at an elite CIA hacking unit helped lead to the biggest information breach in the agency’s history, according to a partially declassified CIA report provided to Sen. Ron Wyden’s office.

Details: The 2017 report, first reported by the Washington Post, is a postmortem on the 2016 breach, conducted by the CIA’s WikiLeaks task force.

  • WikiLeaks revealed the data leak, known as Vault 7, in early 2017. Vault 7 revealed operations and exploits conducted and developed by the CIA’s Center for Cyber Intelligence, which houses the agency’s elite hackers.

What it says: “CIA has moved too slowly to put in place the safeguards that we knew were necessary given successive breaches to other U.S. Government agencies,” the report states.

  • The lack of “user monitoring” and other audit capabilities meant the CIA was unaware of the breach until WikiLeaks had actually published documents from the stolen tranche.
  • If a traditional nation-state adversary had stolen the information, and kept its possession of it secret, the CIA might still not know that its data had been breached at such a massive scale, says the report.

By the numbers: Between 180 gigabytes and 34 terabytes of information were pilfered, says the report, “roughly equivalent to 11.6 million to 2.2 billion pages in Microsoft Word.”

  • This is a huge range that reveals just how much uncertainty exists within the CIA over the extent of the damage.

The state of play: In 2018, U.S. prosecutors charged Joshua Schulte, a former CIA employee, with being WikiLeaks’ source for the Vault 7 leaks.

  • In March, Schulte’s trial ended in a hung jury, though he was convicted of lesser charges.
  • Prosecutors plan on retrying Schulte on espionage-related charges.