GCHQ hacked: How they did it
When the world’s biggest spy agency stumbled on the darkest corners of the internet on Wednesday, it appeared to be the work of a lone hacker.
But a team of cyber security experts said they think it was the work, not a rogue contractor, that was behind a hack of the intelligence agency that has caused alarm in Washington.
The hack, dubbed “Operation Woes,” was first reported by The Guardian, which said it was carried out by an outside contractor, a British intelligence contractor called Team10.
The hackers posted their findings on Twitter, where they shared a link to the exploit they said was used to gain access to the CIA’s “black budget” website.
It was not immediately clear who they worked for, and the CIA did not respond to requests for comment.
A number of Twitter users suggested that Team10 may be working with WikiLeaks, a news organization believed to have ties to Russia.
Twitter has since deleted the post, but the Guardian says that’s the only way to know for sure.
The CIA is in the midst of a major overhaul to its cyber warfare efforts and the cyber threat is likely to remain high, according to the agency’s director, John Brennan.
But cybersecurity experts and congressional lawmakers said the revelations about Team10 are alarming.
“The intelligence community has made it clear it is concerned that these types of cyberattacks could compromise sensitive intelligence sources and methods,” said Sen. Ron Wyden, a Democrat from Oregon.
“We will be looking to see if there is any additional evidence that suggests Team10 is using cyberweapons against the United States.”
“We have to ask ourselves: is this another example of a rogue hacker exploiting a gaping hole in our cyber defense?
If so, what could have been done to prevent this?”
Senator Ron Widen said in a statement.
“This is an example of the lengths the intelligence community will go to in order to protect our nation’s secrets.”
The CIA said the group has not yet been identified, but that it is an external contractor.
The agency has a long history of trying to exploit vulnerabilities in cyberspace, including the recent breach of the Democratic National Committee’s email system, which resulted in the theft of emails of more than 20 million people.
The spy agency said it had no information on who the hackers were or why they targeted the CIA.
The Guardian also said that Team 10 used a different vulnerability to get into the CIA website.
The team said that it obtained the vulnerability by exploiting a previously disclosed vulnerability in the “Black Budget” website, a site used by the CIA to store classified information.
The news outlet said the CIA “had not publicly disclosed the vulnerability since 2011.”
The spy service has been accused of using vulnerabilities in spyware to spy on political opponents, dissidents, and journalists.
Officials have said the agency does not spy on foreign governments.
A group of cybersecurity experts, including several former CIA officials, said in an open letter published Wednesday that they thought the agency was targeting WikiLeaks, but did not think Team 10 was the source.
“I believe this is an operation by an external party, and it is highly unlikely that we will find the source of this breach,” said one of the letter’s signatories, Matthew Green, a former senior fellow at the Washington Institute for Near East Policy.
“But it is interesting that this attack appears to have targeted a site run by a group that is known for publishing information about US political adversaries.”
The cyber group also said it accessed the CIA network by using the “Blindspots” exploit, which was also used by Team10 to gain entry to the “blackbudget” website last year.
“There are a lot of possibilities that could be driving this attack,” said Kevin Mandia, an analyst at the cyber security firm FireEye.
“If this was the result of a leak, it’s certainly an interesting one.”
The attack is the latest in a string of hacks that have shaken the U.S. government and left Americans reeling over the disclosure of top secret documents about the NSA’s secret surveillance programs.
The NSA is the largest intelligence agency in the world.
Its programs are overseen by the director of national intelligence, who has broad authority to conduct surveillance on any U.