WikiLeaks’ reveal of CIA hacking trove has feds on mole hunt

Manning. Snowden. Whose name is next to be added to the notorious list of government leakers?

The CIA is trying to answer that question right now.

A day after WikiLeaks released what it alleged to be the “entire hacking capacity of the CIA,” the focus Wednesday began shifting to just who gave the stunning surveillance information to the anti-secrecy website.

“There is heavy s— coming down,” said a veteran cyber contractor for the intelligence community who previously worked in the breached unit, the CIA’s Center for Cyber Intelligence.

WIKILEAKS RELEASES ‘ENTIRE HACKING CAPACITY’ OF CIA

The contractor told Fox News that CCI has long maintained an internal database of information — accessible to anyone with proper credentials or security clearance — that seemed to be dumped in total to WikiLeaks. In its news release on the disclosure, WikiLeaks said CCI had more than 5,000 registered users, a number alternatively referred to as “absurd” and “a bit high” by security experts who spoke to Fox News. The CIA declined comment to Fox News.

The FBI opened a federal criminal investigation into the WikiLeaks disclosure on Wednesday, Fox News confirmed. As the probe gets underway, experts said there’s a typical incident response playbook they would use to narrow down the massive pool of suspects.

“They’re going to try to do some forensic work because those documents probably have been changed [over time], so that enables them to narrow down the period to when they were taken,” said Alex Yampolskiy, the CEO of SecurityScorecard. “Once you say ‘this seems like it was a snapshot from this particular time,’ then they can look at audit logs of who had access to the document during that time frame.”

Yampolskiy said analysts would likely target the most sensitive documents that were revealed during their forensic work, as only those with a higher security clearance would have had access to them – again, shrinking the group of suspects.

Once a core group is established, investigators would institute behavioral profiling.

“They’ll run certain types of analytics – what websites did they access? What are the emails? How many people are still working there?” Yampolskiy said.

Regardless of the results of the inquiry, Brian Vecci, a technological evangelist for cybersecurity company Varonis, said the secret trove revealed by WikiLeaks illustrates the pervasive issue of another “major data breach of a major government organization tasked with security.”

“What’s clear to me — and this is true of pretty much every big data breach — the preventive controls were broken, or the detective controls were broken,” Vecci said. “Meaning, either too many people had access to the information, or the people that had access weren’t being recorded and analyzed. Or both.”

Last year SecurityScorecard ranked 18 industries by their cybersecurity performance. Information services, construction and food ranked 1, 2 and 3, respectively. Government was dead last.

But there was a twist, Yampolskiy said.

“The CIA was specifically one of the top performers in the government,” he said. “An ‘A’ letter grade.”

Fox News’ Catherine Herridge and James Rosen contributed to this report.

Published by

gabugo

Author, Pastor, Development and Valuation Surveyor, CEO LandAssets Consult Ltd., Publisher, The Property Gazette.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blogs!

"Feel free to flourish and browse through all of my writings."

Jozsef Torsan

My journey from leaving the corporate world to developing the Bookmark Ninja web app

Soul On Rice

A Prison Experience and Post-Prison Mentality

MounterWorld

My Favorite things

Paul-o-zone

Changing the world through self

The Waas Blog

We all have an unique story....I want to share yours!

Bitcoin Mining (Antminer S9)

Bitcoin Mining Hardware

Aussie Conservative Blog

Paleoconservative opinion

Her Unusual Journey

The life of a not so ordinary college girl

Chairybomb

Honest Furniture Reviews

patlalrique

Patlalrique on wordpress.com

Destination Humanity

Chasing big dreams one photo at a time

JFAB

Live A Curious Life

Port Canaveral Shuttle

Shuttle Port Canaveral offers convenient shuttles and transportation from the Orlando area to the Space Coast of Florida, including Port Canaveral and Cocoa Beach.

Port Canaveral Transportation

Port Canaveral Transportation and Cruise Shuttle Services

MARKETPLACE

GET PRODUCTS AT A CLICK OF A BUTTON

Josep Goded

Seeking Truth

%d bloggers like this: