Data Breach

CIA replies to WikiLeaks Vault7 Leak, it is operating to protect Americans

WikiLeaks Vault7 – CIA pointed out that its mission is to “aggressively collect” foreign intelligence from overseas entities.

The U.S. Central Intelligence Agency (CIA) has issued an official statement in response to the Wikileaks Vault7 Data leak.

The US intelligence agency denies conducting a large-scale surveillance on its citizens.

According to an unnamed U.S. officials quoted by the Reuters press agency, that the most likely source of the data leak is a CIA contractor.

“Contractors likely breached security and handed over documents describing the Central Intelligence Agency’s use of hacking tools to anti-secrecy group WikiLeaks, U.S. intelligence and law enforcement officials told Reuters on Wednesday.” states the Reuters.

“Two officials speaking on condition of anonymity said intelligence agencies have been aware since the end of last year of the breach, which led to WikiLeaks releasing thousands of pages of information on its website on Tuesday.”

If confirmed, this is a very disconcerting particular, because it is not clear if the intelligence Agency has reported the incident to the IT vendors whom products could be targeted by the CIA hacking tools.

The CIA and the FBI have launched an investigation into the Wikileaks Vault7 Data leak, even if the Central Intelligence Agency did not confirm the authenticity of the huge trove of files.

The intelligence Agency pointed out that its mission is to “aggressively collect” foreign intelligence from overseas entities. Its mission is to protect the US from foreign governments and non-state actors such as terrorists.

“It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad,” reads the statement issued by the CIA.

“The American public should be deeply troubled by any Wikileaks disclosure designed to damage the Intelligence Community’s ability to protect America against terrorists and other adversaries. Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm,” the agency said.

The tools in the CIA arsenal appear to have been designed for targeted attacks instead of a dragnet surveillance. The CIA pointed out that it is not allowed to Intelligence agencies and law enforcement bodies spying on individuals in the United States. The agency said its activities “are subject to rigorous oversight to ensure that they comply fully with U.S. law and the Constitution.”

According to the CIA, all the operations conducted by the US agencies “are subject to rigorous oversight to ensure that they comply fully with U.S. law and the Constitution.”

The US Government is worried about the impact of the Vault 7 data leak on the activities conducted by US intelligence agencies. The revelations put at serious risk the efficiency of its tools and techniques.

Which are the reactions of other governments to the Wikileaks dump?

China expresses concerns at the revelations, the products of many Chinese companies may have been targeted by the CIA hackers.

“China expressed concern on Thursday over revelations in a trove of data released by Wikileaks purporting to show that the CIA can hack all manner of devices, including those made by Chinese companies.” reported the Reuters..

“Dozens of firms rushed to contain the damage from possible security weak points following the anti-secrecy organization’s revelations, although some said they needed more details of what the U.S. intelligence agency was up to.

Widely-used routers from Silicon Valley-based Cisco (CSCO.O) were listed as targets, as were those supplied by Chinese vendors Huawei [HWT.UL] and ZTE (000063.SZ) and Taiwan supplier Zyxel for their devices used in China and Pakistan.”

 

The Germany’s foreign ministry issued a statement saying that it is in contact with the U.S. Government to receive more information on the case.

The chief federal prosecutor’s office confirmed it would review the Wikileaks data dump related to the claims that the CIA ran a hacking hub from the U.S. consulate in Frankfurt.

“We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators,” a spokesman for the federal prosecutor’s office told Reuters.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Wikileaks Vault7, data leak)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

1 hour ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

15 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

22 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

This website uses cookies.