Sherweb Webinar 30 May



Symantec Says CIA Tools Found Across 16 Countries

In a blog post, the California-based Symantec Corp. said the tools in WikiLeaks' recent releases have been linked to the electronic infiltration of international, financial, energy and aerospace organizations across the world. Like many security firms, Symantec draws on data supplied by its clients. Researcher Dick O'Brien declined to provide further details, saying might prompt speculation as to the identity of the people or organizations involved.

"I will say, in terms of the regions, the largest region represented in terms of those targets was the Middle East," O'Brien said in a telephone interview.

The word "CIA" was mentioned nowhere in Symantec's post, but few if any doubt that that's where the tools come from. When WikiLeaks began releasing them in early March, it gave an unusually explicit account of how the tools had been taken from the CIA's Center for Cyber Intelligence. The U.S. government has since all but publicly accepted the embarrassing claim; about a week later, President Donald Trump told a television host: "I just want people to know the CIA was hacked, and a lot of things taken."

O'Brien said that while Symantec didn't dispute that assessment, pinning the tools on a specific government agency was "straying outside our area of expertise."

Intriguingly, O'Brien said one CIA tool was discovered breaking into an U.S. computer -- only to uninstall itself almost immediately afterward.

"That, to us, smacks of an accidental compromise," we said. "Our assessment is it was likely a mistake."

Source: CIO Today

Click here for Printer Friendly Version