The CIA (Central Intelligence Agency) believed to be one of the most complicated and highly secured network has been hacked and Wikileaks has released more than 8000 files to the general public. This brings a lot of tech giants and their business operations into the public view. All the information that have been released in March of 2017 is highly classified information, showing Wikileaks was able to access such sensitive data without anyone noticing a breach in the security system. This means your personal information could be stolen and fall in the hands of people who will use them in their favour. Later new softwares – HB Swiss for instance, started to develop better security for their databases.
What Is Vault 7
After the infamous cablegate leaks, Wikileaks has now targeted the CIA. This is the name given to the largest publication of highly confidential documents related to the CIA. The founder of Wikileaks has also divulged their source as CIA’s Center for Cyber Intelligence.
These are files extracted from a high security network that is situated in Virginia. This is in succession to the disclosure that took place in February 2017 that was related to the CIA’s targeted French political parties and candidates who were in the lead up until the 2012 elections.
What Is Zero Day
Zero Day is a hole that is available in the software, without the knowledge of the vendor. When this is present, the attackers and hackers make use of it and gain access to user information. This attack on the software is known as a zero day attack. Then it is a race between the hackers and the vendors to see if one can get more access before the other can plug the hole.
This vulnerability hole is then rectified by releasing a patch. Generally these patches are released on a regular basis on a fixed schedule, so that the users are always protected, however in the event of a critical vulnerability that is discovered suddenly, a patch can be released out of schedule too. The aim here is to protect the users and their data from any cyber attack.
Why Is CIA The Target?
Wikileaks is out to prove the CIA is overstepping its line and is having access to too much information. As per law, the zero day vulnerabilities identified have to be disclosed to the respective companies, so that they can take the necessary action and protect their users. However, Wikileaks has alleged that the CIA has not disclosed these information and has put many users and their data at risk.
As a result of not notifying the companies about the zero day vulnerabilities, the holes in the security systems are not breached, hence keeping the door open for the hackers and attackers to gain sensitive data of the users. This is a big security breach for many businesses that can lead to financial and data loss.
Wikileaks aims to let the public know how vulnerable their data is and how the most trusted and one of the most powerful government agencies – the CIA itself is responsible for such a security breach. They want to hold a public debate to discuss if what the CIA has done and have access to, are legal.
The group has publicly declared that Vault 7 is the first part of the year zero series, where it aims to expose many more such works of the government. Though the group has access to many confidential codes related to the zero day vulnerabilities, it has not released those on account of public security. It has offered to share the information with concerned tech giants, so as to help them offer more secured service to their customers.