You are using an older browser version. Please use a supported version for the best MSN experience.

Symantec says CIA tools found across 16 countries

Associated Press logo Associated Press 10/04/2017

LONDON — The CIA's cyberespionage toolkit made public by WikiLeaks has been linked to 40 spying operations in 16 countries, an early public assessment of the intelligence agency's global hacking operations, computer security company Symantec said Monday.

In a blog post published , the California-based Symantec Corp. said the tools in WikiLeaks' recent releases have been linked to the electronic infiltration of international, financial, energy and aerospace organizations across the world. Like many security firms, Symantec draws on data supplied by its clients. Researcher Dick O'Brien declined to provide further details, saying might prompt speculation as to the identity of the people or organizations involved.

"I will say, in terms of the regions, the largest region represented in terms of those targets was the Middle East," O'Brien said in a telephone interview.

The word "CIA" was mentioned nowhere in Symantec's post, but few if any doubt that that's where the tools come from. When WikiLeaks began releasing them in early March, it gave an unusually explicit account of how the tools had been taken from the CIA's Center for Cyber Intelligence. The U.S. government has since all but publicly accepted the embarrassing claim; about a week later, President Donald Trump told a television host: "I just want people to know the CIA was hacked, and a lot of things taken."

O'Brien said that while Symantec didn't dispute that assessment, pinning the tools on a specific government agency was "straying outside our area of expertise."

Intriguingly, O'Brien said one CIA tool was discovered breaking into an U.S. computer — only to uninstall itself almost immediately afterward.

"That, to us, smacks of an accidental compromise," we said. "Our assessment is it was likely a mistake."

___

Online:

Symantec's blog post: https://www.symantec.com/connect/blogs/longhorn-tools-used-cyberespionage-group-linked-vault-7

___

Raphael Satter is reachable on: http://raphaelsatter.com

image beaconimage beaconimage beacon