A specialized CIA unit that developed hacking tools and cyber weapons didn’t do enough to protect its own operations and wasn't prepared to respond when its secrets were exposed, according to an internal report prepared after the worst data loss in the intelligence agency’s history.
"These shortcomings were emblematic of a culture that evolved over years that too often prioritized creativity and collaboration at the expense of security,” according to the report, which raises questions about cybersecurity practices inside U.S. intelligence agencies.
Sen. Ron Wyden, D-Ore., a senior member of the Senate Intelligence Committee, obtained the redacted report from the Justice Department after it was introduced as evidence in a court case this year involving stolen CIA hacking tools.
He released it on Tuesday along with a letter he wrote to new National Intelligence Director John Ratcliffe, asking him to explain what steps he’s taking to protect the nation’s secrets held by federal intelligence agencies.
The findings were first published by The Washington Post.
The 2017 report was produced one year after the theft of sensitive tools for hacking into adversaries' networks that were developed by the CIA's specialized Center for Cyber Intelligence. A former CIA employee was accused of stealing the information and providing it to WikiLeaks, but a jury deadlocked on those allegations.
The CIA report revealed lax cybersecurity measures by the specialized unit and the niche information technology systems that it relies upon, which is separate from the systems more broadly used by everyday agency employees. ..
Support the originator by clicking the read the rest link below.
