Security failures led to biggest information breach in CIA history in 2016

Systematic security failures at an elite CIA hacking unit helped lead to the biggest information breach in the agency’s history, according to a partially declassified CIA report provided to Sen. Ron Wyden’s office.

Details: The 2017 report, first reported by the Washington Post, is a postmortem on the 2016 breach, conducted by the CIA’s WikiLeaks task force.

• WikiLeaks revealed the data leak, known as Vault 7, in early 2017. Vault 7 revealed operations and exploits conducted and developed by the CIA’s Center for Cyber Intelligence, which houses the agency’s elite hackers.

What it says: “CIA has moved too slowly to put in place the safeguards that we knew were necessary given successive breaches to other U.S. Government agencies,” the report states.

• The lack of “user monitoring” and other audit capabilities meant the CIA was unaware of the breach until WikiLeaks had actually published documents from the stolen tranche.
• If a traditional nation-state adversary had stolen the information, and kept its possession of it secret, the CIA might still not know that its data had been breached at such a massive scale, says the report.

By the numbers: Between 180 gigabytes and 34 terabytes of information were pilfered, says the report, “roughly equivalent to 11.6 million to 2.2 billion pages in Microsoft Word.”

• This is a huge range that reveals just how much uncertainty exists within the CIA over the extent of the damage.

The state of play: In 2018, U.S. prosecutors charged Joshua Schulte, a former CIA employee, of being WikiLeaks’ source for the Vault 7 leaks.

• In March, Schulte’s trial ended in a hung jury, though he was convicted of lesser charges.
• Prosecutors plan on retrying Schulte on espionage-related charges.