Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

CIA Responds to WikiLeaks Hacking Tool Dump

CIA Logo on Keyboard

CIA: We Are Innovative but We Don’t Spy on Fellow Americans

CIA Logo on Keyboard

CIA: We Are Innovative but We Don’t Spy on Fellow Americans

The U.S. Central Intelligence Agency (CIA) has issued a statement in response to the claims made by WikiLeaks in regards to the agency’s hacking tools, and denied conducting electronic surveillance on Americans.

The CIA and the FBI have launched an investigation into the Vault 7 dump and unnamed U.S. officials told Reuters that the most likely source of the breach is a CIA contractor.

In its initial press release, WikiLeaks said the files, originating from the CIA’s Center for Cyber Intelligence (CCI) in Langley, Virginia, had been circulating among former government hackers and contractors. One of them allegedly provided the data to the whistleblower organization.

The CIA has refused to comment on the authenticity of the leaked documents or the status of its investigation into this incident. However, the agency pointed out that its mission is to “aggressively collect” foreign intelligence from overseas entities in an effort to protect America from adversaries such as terrorists and hostile nation states.

“It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad,” the CIA said in its statement.

The nature of the tools suggests that they are designed for targeted operations – rather than mass surveillance – and the CIA pointed out that it’s legally prohibited from spying on individuals in the United States. The agency said its activities “are subject to rigorous oversight to ensure that they comply fully with U.S. law and the Constitution.”

The organization has expressed concern about the impact of the Vault 7 dump on its operations.

Advertisement. Scroll to continue reading.

“The American public should be deeply troubled by any Wikileaks disclosure designed to damage the Intelligence Community’s ability to protect America against terrorists and other adversaries. Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm,” the agency said.

WikiLeaks has claimed that the U.S. consulate in Frankfurt is used by the CIA as a covert base for hackers targeting Europe, the Middle East and Africa. Germany’s foreign ministry issued a statement saying that it takes such information very seriously and that it’s in touch with the U.S. on this matter.

According to Reuters, China also expressed concern after the WikiLeaks documents showed that the CIA may have targeted the devices of several Chinese companies, including Huawei and ZTE. The country once again claimed it opposes all forms of hacking and urged the U.S. to “stop listening in, monitoring, stealing secrets and internet hacking against China and other countries.”

London-based Privacy International has also issued a statement, saying that if the leaks are authentic, “they demonstrate what we’ve long been warning about government hacking powers — that they can be extremely intrusive, have enormous security implications, and are not sufficiently regulated.”

Technology companies whose products are listed in the Vault 7 leaks have launched investigations to assess the impact of the alleged CIA tools. Following an initial analysis of the available information – WikiLeaks has yet to make public any actual exploits – security firms and tech giants such as Apple and Google have determined that a majority of the vulnerabilities do not affect the latest versions of their products.

Related: “Vault 7” Leak Shows CIA Learned From NSA Mistakes

Related: Government Contractor Indicted Over Theft of Secret Documents

Related: Required Insider Threat Program for Federal Contractors – Will It Help?

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Mike Byron has been named Chief Financial Officer (CFO) at Exabeam.

Ex-GitHub chief technology officer Mike Hanley has joined GM as CISO.

Network security and compliance assurance firm Titania has appointed Victoria Dimmick as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.