Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found
https://www.washingtonpost.com/national-security/elite-cia-unit-that-developed-hacking-tools-failed-to-secure-its-own-systems-allowing-massive-leak-an-internal-report-found/2020/06/15/502e3456-ae9d-11ea-8f56-63f38c990077_story.html

The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of securing their own systems,” according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the director.

The breach — allegedly committed by a CIA employee — was discovered a year after it happened, when the information was published by WikiLeaks in March 2017. The anti-secrecy group dubbed the release “Vault 7,” and U.S. officials have said it was the biggest unauthorized disclosure of classified information in the CIA’s history, causing the agency to shut down some intelligence operations and alerting foreign adversaries to the spy agency’s techniques.

The October 2017 report by the CIA’s WikiLeaks Task Force, several pages of which were missing or redacted, portrays an agency more concerned with bulking up its cyber arsenal than keeping those tools secure. Security procedures were “woefully lax” within the special unit that designed and built the tools, the report said.

Without the WikiLeaks disclosure, the CIA might never have known the tools had been stolen, according to the report. “Had the data been stolen for the benefit of a state adversary and not published, we might still be unaware of the loss,” the task force concluded.

The extraordinary trial of a former CIA sysadmin accusing of leaking top-secret hacking tools to WikiLeaks has ended in a mistrial.

In Manhattan court on Monday morning, jurors indicated to Judge Paul Crotty they had been unable to reach agreement on the eight most serious counts, which included illegal gathering and transmission of national defense information: charges that would have seen Schulte, 31, sent to jail for most of the rest of his life.

They did however find him guilty on two counts – contempt of court, and making false statements to the FBI – although he has already spent more time behind bars awaiting trial than he would be required to serve under those counts.

Alleged CIA Leaker Joshua Schulte Has Some of the Worst Opsec I’ve Ever Seen
https://motherboard.vice.com/en_us/article/qvn83q/joshua-schulte-cia-vault-7-wikileaks-opsec

Joshua Schulte uploaded CIA code to a personal website linked to his real name, archived versions of the site show.

A former CIA intelligence officer who is suspected by the government of leaking classified information to WikiLeaks appears to have uploaded at least some CIA-related source code to a personal website linked to his real name, files reviewed by Motherboard show. For years, the site was available to anyone on the internet and the server that hosted it was seized by the government in an ongoing child pornography case against him.

Quite simply, Schulte has some of the worst opsec and messiest online presence of anyone I’ve ever reported on. The amount of sensitive personal information he uploaded to a publicly available website while employed by the CIA is mind-boggling.

A former employee of the U.S. Central Intelligence Agency (CIA) is believed to have provided WikiLeaks the files made public by the whistleblower organization as part of its ‘Vault 7’ leak, which focuses on hacking tools used by the CIA.

According to The New York Times and The Washington Post, the suspect is 29-year-old software engineer Joshua Adam Schulte. The man’s LinkedIn profile shows that he worked for the NSA for five months in 2010 as a systems engineer, and then joined the CIA as a software engineer. He left the CIA in November 2016, when he moved to New York City and started working as a senior software engineer for Bloomberg.

While authorities reportedly started suspecting Schulte of providing files to WikiLeaks roughly one week after the first round of Vault 7 documents were released in March 2017, he still has not been charged in connection to the leaks. Instead, he has been jailed for possessing child pornography.

WikiLeaks has shoved online more internal classified stuff nicked from the CIA – this time what’s said to be the source code for spyware used by Uncle Sam to infect and snoop on targets’ computers and devices.

Today’s code dump is part of a larger collection called Vault 8, and spills onto the internet what is claimed to be the CIA’s Hive tool. This is two-part component: one half runs on a snoop-controlled server and issues commands to the client, the other half, which lurks quietly on an infected device or computer.

How exactly the client side of the malware gets into the endpoints to do its spying isn’t revealed: there are no exploits for vulnerabilities in the code, nor any zero days uncovered, it appears. It’s a remote-control tool that sheds light on the CIA’s programming abilities – and the C code is pleasantly clean from our glance through it – and handily lays out a way to perform server-client operations. A free US taxpayer-funded programming tutorial, if you will.

https://wikileaks.org/vault8/

The secret-spilling organization launches a new series where it will release the source code of alleged CIA tools from the Vault 7 series.