The recent Wikileaks CIA dump has made both the US and the world vulnerable since the hacking tools that were dumped can now be weaponized by any of the outside (or inside) forces that have even the minimal technical knowledge on how to work this kind of tools.
Companies have started patching their systems and discovering the flaws faster than ever, while everyone is concerned about being spied on. Mike Pompeo, the director of the CIA, has called WikiLeaks a “non-state hostile intelligence service,” and blames them for posting the truth that is now endangering everyone. This dump is being treated as a breach by spies.
The CIA believe that there are no more hackers, but every kind of hacking is a calculated action done by spies, who have interests in any branch of any industry. CIA is relying on the FBI to investigate and find out how the hack occurred, and while they’re hoping that the fault lies with an employee that has done it as an act of ‘hacktivism’, they’re still afraid of the fact that it might be done by another country’s spy.
Some might not see the difference, but there’s a fine line between so-called whistleblowing, and spying for other world forces.
The real threat that was let loose by this dump were non-malware attacks. They don’t act as usual malware, they don’t download malicious software, they just sneak in and use native operating system tools (like PowerShell) and are therefore harder to detect.
These methods have already seen an increase in use, and the CIA claims to have investigated them as well. With their files and results dumped online, the non-malware attacks will become even more frequent.
It’s believed that diplomacy won’t help when it comes to protection from other countries and that the only way to achieve it is to enhance cyber security, as well as personnel. It’s believed that the government has to invest more into developing online security, especially since even the election campaigns were targeted multiple times by ransomware and spyware. People need to actually understand and accept how dangerous cyber attacks can be, which probably won’t happen until something drastic happens and wakes everyone up.