Cyber security firm Symantec has used the latest Vault 7 revelations from WikiLeaks, which reveal some of the CIA’s tools and modus operandi, to deduce that forty hacks in sixteen different countries are attributable to the US intelligence agency.
Symantec believes that a group they refer to as Longhorn is a covert CIA hacking team which has infiltrated targets in government, financial, telecoms, energy, aerospace, education, and natural resources sectors in countries across the Middle East, Europe, Asia and Africa. While the CIA is prohibited from any surveillance operations in the USA, it seems that one homeland computer was also briefly infected. Rather amusingly, the investigation has also uncovered Longhorn’s working patterns – which match the Monday to Friday office hours of any old company. You can just about imagine CIA hackers donning the obligatory black hoodie upon arriving at the office.
By linking real world attacks to the CIA tools, tactics and timelines revealed by WikiLeaks, Symantec has built up strong circumstantial evidence to support its claims – in answer to the question ‘who spies on the spies?’