WikiLeaks, an organization that publishes classified data, recently released a stash of alleged documents from the CIA. The data dump revealed the design and capabilities of the CIA’s covert cyber weapons, which the agency used to gather intelligence overseas. Security experts are worried that this breach has severely undermined the CIA’s ability to conduct espionage and carry out missions. The CIA’s cyber hacking tools allow them to turn ordinary cellphones, TVs, and other common devices into devices for espionage
The document databased, dubbed “Vault 7” by WikiLeaks, mentions the names of malware tools that the CIA uses to siphon data. These tools, with names like “Medusa” and “Assassin,” enable to CIA to gather data covertly from iPhones and control Microsoft computers, and record audio from Samsung TVs that are connected to the Internet. The “Blue Kangaroo” code is a system for the CIA to hide data images, while “Hammer Droll” is used to infect software that’s distributed via CDs and DVDs.
WikiLeaks says they received the highly confidential files from a CIA contractor. This breach draws similarities to the information breach carried out by Edward Snowden, who revealed a collection of documents from the National Security Agency in 2013. The files Snowden revealed to the public brought to light the domestic surveillance programs that were used on Americans. However, the CIA document leak revealed the hacking methods the agency used to gather intelligence from overseas targets. The documents do not specifically detail how the CIA’s cyber intelligence tools have been used against foreign targets.
Based on the data released from this breach, consumers are worried that their IoT devices can be used for espionage by both ordinary hackers and foreign governments. Big tech corporations like Google, Samsung, and Apple are looking into the security issues found in their devices. Tech companies have spent the last week addressing vulnerabilities and exploits in their devices, in an effort to regain consumer trust. Like private corporations, government agencies should also take a look at their cyber security practices to see if there are any vulnerabilities.
Below are four ways government agencies can secure their confidential documents:
Last week’s data breach is not the first time WikiLeaks has released data from the government. WikiLeaks came into the public eye back in 2010 with the exposure of thousands of classified US military files. It is clear that government agencies are being targeted by external threats, so they should invest in Endpoint Management Software to keep confidential information private. By scanning for malware and identifying unauthorized users, government agencies can prevent their data from being leaked.