WikiLeaks, The CIA and Corporate Security –
What Does It Mean and What Should Corporate America Do?
Vault 7, Year Zero leak details scary and potentially dangerous information, but also powerful insight into how to avoid future corporate network breaches.
Augusta, Georgia – March 8, 2017 – Rendition Infosec, the nation’s leading provider of network security solutions and consultation, today announced that, while potentially a significant and major concern for corporations going forward, the initial news that the CIA and other high-level government-connected agencies and organizations have the power and capabilities to hack into corporate networks and databases, as well as an individual’s smartphone, tablet or even their smart TV at home, is not of an immediate concern to most companies here in the United States, but rather a good warning that preparation is critical.
“Our initial thought is that our customers doing business domestically don’t have anything to worry about immediately,” says Jake Williams, Founder of Rendition InfoSec. “The CIA is probably not interested in the common business or the day-to-day goings-on of the average citizen. The real concern is that this idea and the fact that the technology is now available can, and will, get into the hands of hackers with nefarious intent. And, while a good portion of our work is via Incident Response (IR), we also work closely with our customers on a daily basis to proactively build defensible networks, where attackers can be quickly detected and neutralized.”
While it has long been believed that cyber capabilities were part of the CIA’s interests and research, many techniques which were previously secret are now, due to the Vault 7, Year Zero leaks, available to attackers to reuse as they see fit. The CIA leaks offer unprecedented insights into how government hackers target organizations and steal their most sensitive data. Many of these attackers presumably operate with far less oversight than the CIA.
According to Greg Miller, National Security Reporter for The Washington Post, “The CIA have not stepped over any legal boundaries.”
Williams continues, “The positive is that we are getting a good look at how potential attackers are, and will be, working towards getting into the environments they want to breach, whether it is a government agency, an international corporation or the Jones family living down the street – and how to stop them. It gives companies, both here in the United States, as well as abroad, a great opportunity to engage a company like Rendition and benefit from expertise in understanding and neutralizing threats from the world’s most skilled hackers.
Network security is nothing new. Some of the techniques that were exposed by WikiLeaks are new. Instead of getting surprised with a breach or even risking a potential breach, companies need to prepare instead of react. With millions, and sometimes billions, of dollars and priceless corporate reputations at stake, it is important to employ investigators that work well under pressure and have experience working sensitive and highly valued forensic investigations. The time to secure a network is before it is breached.