WikiLeaks Breach Shows Necessity of Endpoint Management

WikiLeaks, an organization that publishes classified data, recently released a stash of documents alleged to be from the CIA. The data dump revealed the design and capabilities of the CIA’s covert cyber weapons, which the agency used to gather intelligence overseas. Security experts are worried that this breach has severely undermined the CIA’s ability to conduct espionage and carry out missions. The CIA’s cyber hacking tools allow the agency to turn ordinary cellphones, TVs, and other common devices into devices for espionage.

The document database, dubbed “Vault 7” by WikiLeaks, mentions the names of malware tools that the CIA uses to siphon data. These tools, with names like “Medusa” and “Assassin,” enable the CIA to gather data covertly from iPhones, control Microsoft computers, and record audio from Samsung TVs that are connected to the Internet. The “Blue Kangaroo” code is a system for the CIA to hide data images, while “Hammer Droll” is used to infect software that’s distributed via CDs and DVDs.

WikiLeaks says it received the highly confidential files from a CIA contractor. This breach bears similarities to the information breach carried out by Edward Snowden, who revealed a collection of documents from the National Security Agency in 2013. The files Snowden revealed to the public brought to light the domestic surveillance programs that were used on Americans. The CIA document leak, by contrast, revealed the hacking methods the agency used to gather intelligence from overseas targets. The documents do not specifically detail how the CIA’s cyber intelligence tools have been used against foreign targets.

Based on the data released from this breach, consumers are worried that their IoT devices can be used for espionage by both ordinary hackers and foreign governments. Big tech corporations like Google, Samsung, and Apple are looking into the security issues found in their devices. Tech companies have spent the last week addressing vulnerabilities and exploits in their devices, in an effort to regain consumer trust. Like private corporations, government agencies should also take a look at their cyber security practices to see if there are any vulnerabilities.

Below are four ways government agencies can secure their confidential documents:

  1. Encrypt Files: Government agencies should encrypt confidential documents so people outside the agency don’t have access to information. Encryption serves as an extra layer of security that can keep confidential information safe from unauthorized users like contractors.
  2. Partition Data: Government agencies should block off strictly confidential data from outside contractors. Contractors working with government agencies should be limited in the data they can access, download, and move off-site.
  3. Conduct Audits: Agencies should regularly conduct IT application control audits and scan for vulnerabilities. By conducting audits, government agencies can see exactly where their security gaps are. Audits also help government agencies and departments remain compliant with federal and state cyber security standards.
  4. Prioritize Remediation: Quick vulnerability remediation is key whenever a security exploit is discovered. Government agencies should prioritize the remediation of security gaps so outside threats don’t have a chance to exploit them.

Last week’s data breach is not the first time WikiLeaks has released data from the government. WikiLeaks came into the public eye back in 2010 with the exposure of thousands of classified US military files. It is clear that government agencies are being targeted by external threats, so they should invest in Endpoint Management Software to keep confidential information private. By scanning for malware and identifying unauthorized users, government agencies can prevent their data from being leaked.