March 10

CIA Dirty Laundry Aired



This post was originally published on this site

Joshua Schulte, the CIA worker standing demo for leaking the Wikileaks Vault 7 CIA hacking equipment, maintains his innocence. And through the trial, plenty of shoddy protection and sysadmin procedures are coming out:

All this particular raises a question, even though: precisely how bad may be the CIA’s security that will it wasn’t in a position to keep Schulte out there, even accounting regarding the fact that he could be a hacking and personal computer specialist? And the solution is: absolutely terrible.

The password for the Confluence virtual device that held all of the hacking tools which were stolen and leaked? Which will be 123ABCdef. And the main login for the primary DevLAN server? mysweetsummer.

It actually makes worse than that. Those passwords had been shared by the complete team and submitted on the group’s intranet. IRC chats published through the trial also revealed team members discussing how horrible their infosec practices had been, and joked that CIA inner safety would go nuts should they understood. Their justification? The intranet had been restricted to people of the Operational Assistance Branch (OSB): the elite programming unit which makes the CIA’s hacking equipment.

About the author 

Agent 86

Maxwell Smart, agent 86, is CONTROL's top spy (except for Bannister) and, later, the Chief of CONTROL.

You may also like

Brexit Deal Mandates Old Insecure Crypto Algorithms

Brexit Deal Mandates Old Insecure Crypto Algorithms

On the Evolution of Ransomware

On the Evolution of Ransomware

Russia’s SolarWinds Attack

Russia’s SolarWinds Attack
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Subscribe to our newsletter now!