CIA Dirty Laundry, Poor Operational Security — Exposed At Schulte Trial; Perhaps The CIA Should Consider Establishing An Outside/’Gray-Beard’ Panel To Conduct A Thorough Review Of Their OPSEC Practices, And Understand If The ‘Schulte’ Incident Is A ‘One-Off,’ Or Worse
Yesterday, March 9, 2020, a Manhattan jury found former CIA contractor/hacker Joshua Schulte guilty of lying to the FBI and of contempt, as numerous media outlets have reported; the jury deadlocked (a hung jury) on the most serious charges of illegally gathering and transmitting highly classified national security information to outside parties, including fellow hackers. Federal prosecutors had alleged that Schulte, who had been employed first by the NSA and then by the CIA as a developer in the agency’s offensive cyber operations division — the Operational Support Group (OSG), the entity responsible for developing/creating cyber hacking/espionage tools — provided these very precious intelligence collection assets to outside parties after becoming disgruntled with his employment situation at the CIA. But, because of an apparent and flagrant lack of operational security, the agency and the government were unable to prove/convince a jury that Schulte was solely responsible for the leaks.
Testimony and evidence presented at the trial exposed the OSG as an ‘open door,’ where operational security was not only extremely lax, but was also apparently not periodically inspected to ensure compliance with standard operational security practices.
Kieren McCarthy posted a March 5, 2020 article on TheRegister.com noting that “the password for the Confluence machine that held all the hacking tools that were stolen and leaked was… 123ABCdef. And the root login for the main Devlan server: mysweetsummer. It actually gets worse,” Ms. McCarthy added. “Those passwords were shared by the entire team, and posted on the group’s intranet.” Chats by those same individuals were revealed at the trial as part of Schulte’s defense, and they showed “team members talking about how terrible their infosec practices were, and joking that CIA’s internal security would go nuts if they knew.”
Schulte was considered a ‘difficult employee,’ and, incredibly, he had his admin access rights blocked on several servers, only to find his way back in, creating his own backdoor into one of the CIA’s most sensitive entities. As Ms. McCarthy notes, CIA officials “formally warned Schulte that in the aftermath of Edward Snowden’s disclosures, this type of behavior was viewed very poorly, and he was made to sign a statement apologizing for his actions and promising not to do it again. But, in that very same interview, his superior told the court, Schulte made it plain that he could, and would, do it again.” And, if Schulte did it — how about Russia, China, North Korea, Iran, and so on?
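The two failures described in the preceding paragraphs (shared, trivially weak service passwords posted on an intranet, and privileged access that reappears after an administrator revoked it) are exactly the kind of thing a periodic compliance inspection should catch. The script below is an added illustration of such a check, not code from the CIA, the OSG, or The Register; the credential inventory, access log, minimum password length and approved-admin roster are all constructed sample data (the two password values are the ones quoted in the article above).

```python
"""Periodic OPSEC compliance check (added illustration, not the agency's own tooling).

Audit 1: flag service passwords that are weak or reused across services.
Audit 2: flag privileged access that is granted to an unapproved user, is
         self-granted, or reappears after an explicit revocation.
All records below are constructed sample data.
"""
from collections import defaultdict

# Constructed inventory of service credentials (hypothetical services/accounts).
SERVICE_CREDENTIALS = [
    {"service": "wiki", "account": "admin", "password": "123ABCdef"},
    {"service": "build-srv", "account": "root", "password": "mysweetsummer"},
    {"service": "repo", "account": "svc-ci", "password": "123ABCdef"},
    {"service": "vault", "account": "ops", "password": "c7$Vq!9zLr2#pTw8Kd"},
]

# Constructed privileged-access log; "by" is the account that made the change.
ACCESS_EVENTS = [
    {"ts": "2016-04-01T09:00", "server": "build-srv", "user": "jdoe",
     "action": "admin_revoked", "by": "sysadmin"},
    {"ts": "2016-04-02T03:15", "server": "build-srv", "user": "jdoe",
     "action": "admin_granted", "by": "jdoe"},
    {"ts": "2016-04-02T10:00", "server": "wiki", "user": "asmith",
     "action": "admin_granted", "by": "sysadmin"},
]

APPROVED_ADMINS = {"asmith", "sysadmin"}  # constructed roster
MIN_LENGTH = 14                            # assumed policy minimum


def is_weak(password):
    """Crude strength test: too short, or fewer than three character classes."""
    if len(password) < MIN_LENGTH:
        return True
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    return classes < 3


def credential_findings(creds):
    """Return (kind, where) findings; password values are never echoed."""
    findings = []
    users_of = defaultdict(list)  # password -> list of service/account using it
    for c in creds:
        where = f'{c["service"]}/{c["account"]}'
        users_of[c["password"]].append(where)
        if is_weak(c["password"]):
            findings.append(("WEAK_PASSWORD", where))
    for holders in users_of.values():
        if len(holders) > 1:
            findings.append(("SHARED_PASSWORD", ", ".join(holders)))
    return findings


def access_findings(events, approved):
    """Walk the log oldest-first and flag suspicious privilege grants."""
    findings = []
    revoked = set()  # (server, user) pairs whose admin rights were removed
    for e in sorted(events, key=lambda ev: ev["ts"]):
        key = (e["server"], e["user"])
        where = f'{e["user"]}@{e["server"]} at {e["ts"]}'
        if e["action"] == "admin_revoked":
            revoked.add(key)
        elif e["action"] == "admin_granted":
            if key in revoked:  # rights came back after someone removed them
                findings.append(("REGRANT_AFTER_REVOKE", where))
                revoked.discard(key)
            if e["user"] not in approved:
                findings.append(("UNAPPROVED_ADMIN", where))
            if e["by"] == e["user"]:  # nobody should grant themselves admin
                findings.append(("SELF_GRANT", where))
    return findings


if __name__ == "__main__":
    for kind, where in credential_findings(SERVICE_CREDENTIALS):
        print(f"[{kind}] {where}")
    for kind, where in access_findings(ACCESS_EVENTS, APPROVED_ADMINS):
        print(f"[{kind}] {where}")
```

Run as a scheduled job against the real credential inventory and the servers’ privilege-change logs, any non-empty finding list is an inspection failure that should be escalated rather than left to the team’s own discretion. The REGRANT_AFTER_REVOKE check is the one that would have surfaced the re-established access described above, since it keys on the revocation itself rather than on who performed the grant.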
This is really shocking, especially in the aftermath of the Snowden breach, and inexcusable. Very, very shocking, and disappointing. Was this an exception to the rule, a one-off? Or are there bigger, more extensive OPSEC issues at the CIA that warrant a serious examination? And maybe the CIA needs to bring in an outside/’gray-beard’ panel to conduct a thorough review. Solely relying on an internal review — might not be adequate. RCP, fortunascorner.com