Obamas CIA really screwed up, Democrats demand Republicans fix it !
https://www.scmagazine.com/home/security-news/woefully-lax-security-led-to-wikileaks-vault-7-dump/
Sen. Ron Wyden, D-Ore., pressed new Director of National Intelligence John Ratcliffe detail security measures taken to safeguard sensitive intelligence after an internal CIA report said “woefully lax security” at the Center for Cyber Intelligence led to the “largest data loss in CIA history” – the leak of hacking tools to Wikileaks.
Wyden had obtained a copy of the nearly three-year-old report on the 2017 “Vault 7” leak that occurred a year after hackers stole what could be as much as 34T of data.
“We failed to recognize or act in a coordinated fashion on warning signs that a person or persons with access to CIA classified information posed an unacceptable risk to national security,” the WikiLeaks Task Force report said, noting that “in a press to meet growing and critical mission needs, CCI had prioritized building cyber weapons at the expense of securing their own systems.”
In a June 16 letter, Wyden demanded that Ratcliffe explain why the intelligence community hasn’t protected its .gov domains with multifactor authentication, despite a 2019 emergency directive by CISA to implement the measure after reports that Iranian hackers were engaged in a Domain Name System infrastructure hijacking campaign. The IC’s Joint Worldwide Intel Communications System (JWICS) also hasn’t adopted DMARC, the senator wrote.
He also pressed for answers as to why the DNI, the CIA and the National Reconnaissance Office have failed to enable DMARC, asking Ratcliffe to provide “an estimate for when you expect to have implemented this cybersecurity best-practice across the intelligence community.”
Wyden wants a timeline for adoption of the IC Inspector General’s 22 cybersecurity recommendations.
“It is now clear that exempting the intelligence community from baseline federal cybersecurity requirements was a mistake,” Wyden said.