The US senator wrote the letter to one of the country’s top cybersecurity agencies following a government report complaining of major holes in the nation’s cybersecurity policies.
Senator Ron Wyden [D-OR] has urged US officials to outline steps to protect the data of US federal intelligence agencies in a letter to government officials on Wednesday.
Mr Wyden wrote in his letter to US director of national intelligence, John Ratcliffe, that the US intelligence community was “still lagging behind” and a failed to implement “even the most basic cybersecurity technologies in widespread use elsewhere in the federal government”.
Congress should “reconsider” a law to exempt “intelligence agencies from federal cybersecurity requirements,” he added.
The “damning” CIA report had also exposed the “serious lapses in the cybersecurity of the nation’s top intelligence agencies”, he tweeted on Wednesday.
“I’m pressing DNI John Ratcliffe on how he plans to better protect our country’s most sensitive secrets. We’ve seen what happens when they’re left vulnerable,” he tweeted.
The letter cited a report from the CIA WikiLeaks Task Force (WTF) in 2017 stating that cybersecurity failures in the US government had led to “the largest data loss in CIA history”, referring to the Vault 7 files published by WikiLeaks.
The redacted report, written by the US Department of Justice, found “woefully lax” cybersecurity measures at the CIA which exposed “acute vulnerabilities” in key IT systems.
The news comes three years after WikiLeaks published the Vault 7 files in March 2017, totalling around 8,000 pages, which revealed revealed massive levels of details on the CIA’s surveillance and cyberwarfare capabilities.
The files, exposed by former software engineer Joshua Schulte, revealed 91 of around 500 malware and spyware tools used by the CIA’s Center for Cyber Intelligence to hack into operating systems, browsers, messaging apps and devices such as mobiles, among numerous others. Schulte plead not guilty and faces 11 counts, including lying to the Federal Bureau of Investigation, a serious offence that could potentially carry a ten-year sentence.
“Year Zero”, the first part of the Vault 7, disclosed 8,761 documents from the cybersecurity centre in Langley, Virginia, which found the CIA had targeted French political parties and candidates in the 2012 US elections. The CIA’s arsenal of weaponised “zero day” malware and viruses held over “several hundred million lines of code” and was spread amongst former US government hackers and contractors “in an [unauthorized] manner”, according to a WikiLeaks press statement.
Such programmes targeted products from numerous US and European companies, including Apple, Google, Samsung and Microsoft, converting devices into “covert microphones”, the whistleblowing organisation added.
Sourse: sputniknews.com
