WikiLeaks announces “Vault 8”
Those releases were part of a series of leaks WikiLeaks called Vault 7. Now, WikiLeaks says Hive is just the first of a long string of similar releases, a series WikiLeaks calls Vault 8, which will consist of source code for tools previously released in the Vault 7 series.
The WikiLeaks announcement has sent shivers up the spines of infosec experts everywhere, as it reminded them of April this year when a hacking group named The Shadow Brokers published cyber-weapons allegedly stolen from the NSA.
Some of the tools included in that release have been incorporated in many malware families and have been at the center of all three major ransomware outbreaks that have taken place n 2017 — WannaCry, NotPetya, and Bad Rabbit. More here.
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide
Accuracy in Media
Millions of American government employees, former employees, contractors and more have had their most personal and private information breached by hackers, because the government failed to take the necessary steps to protect those records. According to Politico, “Administration officials have said privately that signs point to the first hack having originated in China, and security experts have said it appeared to be part of a Chinese effort to build dossiers on federal employees who might be approached later for espionage purposes.”
It is an outrageous and unacceptable breach of trust. The federal government, through the Office of Personnel Management (OPM), interviews everyone who requires any sort of security clearance, and asks the most detailed and personal questions about past associations, indiscretions and behavior, to make sure nothing in their past could subject them to blackmail or subversion. The interviews extend to friends and associates of those being vetted, and those people are also in the databases that have been breached. But now it has come to light that OPM failed to hold up the Obama administration’s end of the bargain by not doing everything they could to protect those records.