Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday July 17 2022, @05:25PM   Printer-friendly

Ex-CIA Employee Convicted of Leaking 'Vault 7' Secrets to Wikileaks:

The leak, among the largest ever to affect the CIA, showed the agency could hack smart TVs, Skype accounts, and lots of common web applications.

A former Central Intelligence Agency computer engineer has been convicted of leaking a large tranche of classified material that revealed some of the agency's most powerful hacking techniques. Joshua Schulte, 33, worked for an elite software team within the CIA when he stole a cache of documents in 2016 and shared them with Wikileaks, which published the material in 2017. It was one of the worst breaches in the CIA's history.

Schulte was found guilty of nine charges, including illegally gathering and distributing national defense information, by a federal jury in Manhattan on Wednesday. The convictions could net him up to 80 years in prison.

[...] "Vault 7" consisted of some 9,000 pages and shed light on a host of creepy hacking techniques used by the agency. The leak demonstrated that the CIA had developed the capability to hack into smart TVs and turn them into a surveillance devices (very 1984), that it had enlisted a previously unknown army of hackers, and that those keyboard warriors work around the clock to penetrate all sorts of smart phones, operating systems, popular communication services like Skype, and even common anti-virus software. According to Wikileaks, the CIA also "hoarded" zero-day vulnerabilities—unknown bugs that could be exploited to gain access to technical systems with extreme speed. The government says that these tactics are used to break into the networks of terrorists and foreign adversaries.


Original Submission

Related Stories

40 Years in Prison for ex-CIA Coder Who Leaked Hacking Tools to WikiLeaks 4 comments

A former CIA programmer was sentenced to 40 years in prison on Thursday for leaking the US spy agency's most valuable hacking tools to WikiLeaks:

Joshua Schulte, 35, was found guilty in 2022 of espionage and other charges in what the CIA called a "digital Pearl Harbor" -- the largest data breach in the history of the intelligence agency.

[...] US District Judge Jesse Furman sentenced Schulte to 40 years in prison for espionage, computer hacking, contempt of court, making false statements to the FBI and child pornography.

Schulte worked for the CIA's elite hacking unit from 2012 to 2016 when he quietly took cyber tools used to break into computer and technology systems, according to court documents.

After quitting his job, he sent them to WikiLeaks, which began publishing the classified data in March 2017.

[...] The leaked data included a collection of malware, viruses, trojans, and "zero day" exploits that, once leaked out, were available for use by foreign intelligence groups, hackers and cyber extortionists around the world, they said.

Previously:


Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by mrpg on Sunday July 17 2022, @05:47PM (5 children)

    by mrpg (5708) <mrpgNO@SPAMsoylentnews.org> on Sunday July 17 2022, @05:47PM (#1261460) Homepage

    The government says that these tactics are used to break into the networks of terrorists and foreign adversaries.

    For governments there are external and internal enemies.

    • (Score: 5, Insightful) by stormreaver on Sunday July 17 2022, @06:25PM (2 children)

      by stormreaver (5101) on Sunday July 17 2022, @06:25PM (#1261463)

      When your primary powers revolve around fighting terrorism, you view everyone as a potential terrorist.

      • (Score: 4, Insightful) by liar on Sunday July 17 2022, @06:41PM (1 child)

        by liar (17039) on Sunday July 17 2022, @06:41PM (#1261466)

        Nietzsche comes to mind...
        “Whoever fights monsters should see to it that in the process he does not become a monster. And if you gaze long enough into an abyss, the abyss will gaze back into you.”

        --
        Noli nothis permittere te terere.
        • (Score: 5, Touché) by Mr Big in the Pants on Sunday July 17 2022, @06:56PM

          by Mr Big in the Pants (4956) on Sunday July 17 2022, @06:56PM (#1261469)

          Assuming you weren't the monster the whole time.

          Plot twist:

          You star into the abyss and then realise it was a mirror all along...

    • (Score: 2) by captain normal on Sunday July 17 2022, @07:09PM (1 child)

      by captain normal (2205) on Sunday July 17 2022, @07:09PM (#1261470)

      ...and??? Your point is what? Are you implying that government is bad, or that it is a function of government to be aware of external and internal enemies?

      --
      Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--
      • (Score: 2) by stormreaver on Monday July 18 2022, @04:06PM

        by stormreaver (5101) on Monday July 18 2022, @04:06PM (#1261580)

        It means that governments become corrupt and eventually turn their powers against those they are supposed to serve. Power corrupts, and absolute power corrupts absolutely. The U.S. government has long been struggling to blur the line between the power to serve and the power to abuse, and frequently steps all too far into the latter. It's rare that it steps back and says, "we shouldn't be doing that."

  • (Score: 3, Insightful) by Anonymous Coward on Sunday July 17 2022, @07:13PM (5 children)

    by Anonymous Coward on Sunday July 17 2022, @07:13PM (#1261471)

    At this point you have to assume that all electronic stuff is listening, videoing and tracking you. Don't like it? Tough. There's not a chance in the world of stopping it.

    • (Score: 1) by liar on Sunday July 17 2022, @07:44PM (4 children)

      by liar (17039) on Sunday July 17 2022, @07:44PM (#1261474)

      https://youtu.be/7YvAYIJSSZY [youtu.be]
      I'm just an average man, with an average life.
      I work from nine to five; hey hell, I pay the price.
      All I want is to be left alone in my average home;
      But why do I always feel like I'm in the Twilight Zone, and

      I always feel like somebody's watching me.
      And I have no privacy.
      Woh, I always feel like somebody's watching me.
      Tell me is it just a dream?

      --
      Noli nothis permittere te terere.
      • (Score: 0) by Anonymous Coward on Sunday July 17 2022, @08:26PM

        by Anonymous Coward on Sunday July 17 2022, @08:26PM (#1261475)

        LSD in the water.

      • (Score: 1, Interesting) by Anonymous Coward on Monday July 18 2022, @01:19AM (2 children)

        by Anonymous Coward on Monday July 18 2022, @01:19AM (#1261497)

        That's the reason I like my Arduinos.

        That and my 6502, which I program personally, are my only pieces of technology I still trust to do as they are so instructed by me.

        I trust nothing that can see the 'net. Even if I personally coded it's stack in Assembler. ( No, I have never coded a full stack, only the bare minimum of what I require, and rarely use standard ports. I just send bytes from here to there, and verify they got the packet uncorrupted. In Assembler, I am free to coin my own protocols. But unfortunately, I am not privy to the inner design details of the hardware. I have little way to verify the non-existence of conditional backdoors).

        • (Score: 2) by DeathMonkey on Monday July 18 2022, @03:28PM (1 child)

          by DeathMonkey (1380) on Monday July 18 2022, @03:28PM (#1261564) Journal

          As soon as you connect either one to the internet you are no longer only using Arduinos and 6502s!

          • (Score: 2) by istartedi on Monday July 18 2022, @09:34PM

            by istartedi (123) on Monday July 18 2022, @09:34PM (#1261649) Journal

            If it were revealed that the 6502 could be addressed and modified by the modern Internet somehow, we would really be through the looking-glass.

            --
            Appended to the end of comments you post. Max: 120 chars.
  • (Score: 4, Interesting) by Barenflimski on Sunday July 17 2022, @08:40PM

    by Barenflimski (6836) on Sunday July 17 2022, @08:40PM (#1261476)

    Interesting that one guy leaked it all. I'd love to hear more. For some reason, I thought these files were found on a targets machine that were thought to have been accidentally left?

    Either way, that is fairly egregious if this is all true. On the other hand, its great studying if you at all like coding and spy-craft.

    I always forget how quickly the average Joe forgets and doesn't really get the extent of tracking. It is everywhere. Even the stuff you don't think can be tracked, can to some extent. As an example, I just had a long conversation last night explaining why cash isn't as anonymous as he thinks. While the government might not be able to track that specific dollar to you for each transaction, put enough together, and you start to get a pretty good idea of who is handing money to whom. With other data, you can put together enough circumstantial evidence to reduce your targeting to just a couple of people.

    There is a tiny part of me that wonders if even this story is a plant to throw off other government agencies.

  • (Score: 5, Insightful) by Rosco P. Coltrane on Monday July 18 2022, @12:06AM (1 child)

    by Rosco P. Coltrane (4757) on Monday July 18 2022, @12:06AM (#1261491)

    So was Snowden's leak.

    And people will be outraged for a week or so, as long as the news pundit meekly talk about it on TV.

    And then they'll move on, forget about it and slide back into blissful ignorance of the vast crypto-fascist surveillance network that surrounds them.

    • (Score: 4, Insightful) by Kell on Monday July 18 2022, @07:46AM

      by Kell (292) on Monday July 18 2022, @07:46AM (#1261523)

      That's how it works: if you can see the surveillance state, you can avoid the surveillance state. Return to your blissful ignorance, citizen - but don't even imagine stepping out of line.

      --
      Scientists ask questions. Engineers solve problems.
  • (Score: 3, Insightful) by crafoo on Monday July 18 2022, @11:09AM

    by crafoo (6639) on Monday July 18 2022, @11:09AM (#1261533)

    this smells like behind the scenes backyard scraps between the various direct-action arms of our spook agencies.

    was that the same leak which leaked the internal shopping brochure with all of the cool spy toys?

    the small radar retro-reflectors powered by external directed radar beams was quite interesting. small, passive bugs that can exfiltrate data simply by painting a building with a radar beam. in your keyboards, monitor cables (that one was cool!), USB cables. Very cool. And _old_ technology now.

  • (Score: 2) by DeathMonkey on Monday July 18 2022, @03:38PM

    by DeathMonkey (1380) on Monday July 18 2022, @03:38PM (#1261566) Journal

    Love it or hate it zero day exploits only remain zero day exploits if they're a fucking secret!

    I would expect some agencies to weaponize this kind of stuff and, hopefully, other agencies protect us against it.

    How much did Stuxnet delay the Iranian nuke program and was that a good thing? If someone leaks those plans and Iran closes the hole before it can be used, is that a good thing?

    (advocating for the devil a bit since all the post so far are just 'fuck the man!')

  • (Score: 3, Interesting) by AssCork on Tuesday July 19 2022, @03:38PM

    by AssCork (6255) on Tuesday July 19 2022, @03:38PM (#1261754) Journal

    I don't see how this guy isn't covered by whistle-blower protection status? The government was clearly acting against the interests of law-abiding citizens for the low-hanging fruit of "maybe we can catch someone doing something bad".

    Telling everyone "this is how the government bypasses the locks on your property to spy on you" sounds like protected whistle-blower to me.

    --
    Just popped-out of a tight spot. Came out mostly clean, too.
(1)