Report slams CIA’s lax security after hacking tool leak – Comments from Netwrix
June 2020 by Netwrix
A report released earlier this week has revealed that many of the US Central Intelligence Agency’s most sensitive hacking tools were so poorly secured that it was only when WikiLeaks published them online in 2017 that the agency realised they had been compromised. The report sheds light on how the intelligence community’s cybersecurity systems are lagging behind. Ilia Sotnikov, VP at Netwrix, has made the following comments:
“Given the nature of the CIA, we are not likely to hear a lot of details. We can expect a Congressional investigation, but most likely a good part of that will be classified. Probably there will be more information in a month, but I wouldn’t expect it to reveal the details of what was leaked. This sets a challenge for all organisations to get ready for some advanced attacks with no information of what to beware of.
“An ongoing debate about the balance between secrecy and accountability for intelligence and law enforcement is as critical as ever. It raises public concern that some of the leaked tools, if used improperly, can be used against citizens’ privacy and even safety, as with the WannaCry ransomware, which was extremely harmful for business. Leaking information from law enforcement and intelligence definitely leads to a less secure environment for all of us, because less sophisticated bad actors without budgets and resources comparable to the CIA’s can now leverage the results of their work to target individuals and businesses.
“The problem is that the majority of organisations, especially smaller businesses, will never reach that level of protection against tools used by nation-state attackers. This puts incredible pressure on cyber security vendors and the industry, as well as cyber security professionals. However, the main lesson we should all learn is that we shouldn’t ignore cyber security basics even if the budget and access to new technologies cannot be compared to what the CIA had.
“This investigation shows that many data breaches could have been prevented by fairly simple practices, like limiting access rights (least privilege), not using shared accounts without a proper PAM system in place, and monitoring user access to the most sensitive data. It’s a pity that governmental organisations of such a level are so lax towards cyber security.”