Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
The CIA logo in the lobby of CIA Headquarters in Langley, Va. Photo: SAUL LOEB/AFP via Getty Images
Systematic security failures at an elite CIA hacking unit helped lead to the biggest information breach in the agency’s history, according to a partially declassified CIA report provided to Sen. Ron Wyden’s office.
Details: The 2017 report, first reported by the Washington Post, is a postmortem on the 2016 breach, conducted by the CIA’s WikiLeaks task force.
- WikiLeaks revealed the data leak, known as Vault 7, in early 2017. Vault 7 revealed operations and exploits conducted and developed by the CIA’s Center for Cyber Intelligence, which houses the agency’s elite hackers.
What it says: “CIA has moved too slowly to put in place the safeguards that we knew were necessary given successive breaches to other U.S. Government agencies,” the report states.
- The lack of “user monitoring” and other audit capabilities meant the CIA was unaware of the breach until WikiLeaks had actually published documents from the stolen tranche.
- If a traditional nation-state adversary had stolen the information, and kept its possession of it secret, the CIA might still not know that its data had been breached at such a massive scale, says the report.
By the numbers: Between 180 gigabytes and 34 terabytes of information were pilfered, says the report, “roughly equivalent to 11.6 million to 2.2 billion pages in Microsoft Word.”
- This is a huge range that reveals just how much uncertainty exists within the CIA over the extent of the damage.
The state of play: In 2018, U.S. prosecutors charged Joshua Schulte, a former CIA employee, of being WikiLeaks’ source for the Vault 7 leaks.
- In March, Schulte’s trial ended in a hung jury, though he was convicted of lesser charges.
- Prosecutors plan on retrying Schulte on espionage-related charges.