“In the past, we’ve lost our secrets to foreign adversaries,” Michael Hayden, former director at both the NSA and CIA, told McClatchy. “Now we’ve got the self-motivated insider that is our most important counterintelligence challenge.”
Internal leaks can be just as dangerous – if not more so – than foreign infiltration.
The so-called Vault 7 leaks, for instance, do not appear to fall under one of the four so-called MICE motivations to steal secrets: money, ideology, compromise and ego. Analysts think the Vault 7 leaks, which exposed a cache of documents said to have been created by CIA cyber units, were sourced by a former CIA contractor, McClatchy reports.
“No foreign service used any of those characteristics against any of the people we mentioned,” he said, referring to whistleblowers such as former NSA contractor Edward Snowden and war-crime revealer Chelsea Manning. “It’s kind of sui generis. How do you stop that?”
Contracting high-level security clearance duties and functions to third-party, for-profit groups poses glaring risks. In February, one Harold T. Martin was indicted on 20 felony charges for stealing 50 terabytes of sensitive information on national security issues and storing it at his house in Maryland. While Martin was caught, there’s no way to know how many other insiders are doing the same thing.
The CIA Vault 7 leak showed that under the CIA’s covert hacking program, weaponized bugs and loopholes have been used to gain access to privately owned commercial products like Microsoft Windows.
Microsoft tried to diminish the importance of the theft by claiming most of the loopholes had been patched. But former intelligence officials were not so certain that the leaks inflicted a small amount of damage. In fact, one official who “worked for several three-letter agencies,” reports the Chicago Tribune, noted “there’s not much left to burn” while speaking with Foreign Policy.
The tools were allowed intelligence agents to go into "God mode," writes Nicholas Weaver of Berkeley’s International Computer Science Institute. The loss of this “incredible asset” left untold amounts of damage to espionage capabilities.
The leaks "were multimillion-dollar exploits," a former intel official specializing in cyberspace told Foreign Policy, adding, "this is a big deal."
"You don’t know the size of America’s effective surveillance and propaganda capabilities, because a lot of these capabilities are contracted out to private companies," activist Barrett Brown told Sputnik’s By Any Means Necessary. According to Brown, many of America’s espionage capabilities are contracted out to private companies. The intel community operates a reflexive system whereby they are able to create private, third-party companies, and then turn around to hire those companies to do the NSA’s bidding.
"The government can put together a billion-dollar company in three weeks,” says former NSA chief scientist Dave Aitel, who added, "it’s an amazing system."