New Report Shows CIA Cyber Security is “Lax”

A report released today by US Senator Ron Wyden (D-Or.) regarding the Central Intelligence Agency’s cyber vulnerabilities is indicative of an even wider cyber security problem in US Intelligence Agencies.

The highly-redacted report was written in October 2017 after a data dump of CIA secrets (in the form of malicious code) was published by WikiLeaks but just released today… And it is embarrassing for the US. In fact, the CIA wasn’t even aware they had been breached until AFTER the data dump.

What this shows is that the CIA is much more concerned with developing their cyber weapons than they are with securing them. But this seems to be a systemic issue not isolated in just the CIA.

“Most of our sensitive cyber weapons were not compartmented, users shared systems administrator-level passwords, there were no effective removable media controls, and historical data was available to users indefinitely,” the report said.

Our intelligence agencies are widely known for their lackadaisical cyber security, as evidenced by the plethora of breaches they have experienced. When will they get their act together? Only time will tell.

Until then, it’s important that everyone takes the steps they need to take to protect their businesses, especially now that so many are still working from home. We have a free Remote Security Checklist available. And if you aren’t sure if your cyber security is up-to-snuff, it probably isn’t. Feel free to give us a call at 919-422-2607 to ask any questions you might have, or schedule a free consultation online.