IT Service Providers Scramble to Protect Customers After CIA Cyberweapons Leak

The steps taken by cybersecurity firm Digital Guardian mirrors activity at a range of IT services outfits, which found themselves scrambling to identify the new exploits and fix as much as possible as quickly as possible.

Aldrin Brown, Editor-in-Chief

March 10, 2017

3 Min Read
IT Service Providers Scramble to Protect Customers After CIA Cyberweapons Leak

Needless to say, it was a busy week at managed security services provider (MSSP) Digital Guardian.

The release by WikiLeaks this week of secret C.I.A. cyberweapons and methods for hacking into smartphones, computers and even smart TVs, set into motion a chain of responses aimed at protecting customers from a variety of previously unknown threats.

The steps taken by Digital Guardian likely mirrored activity at a range of IT services outfits, which found themselves scrambling to identify the new exploits, asses which clients might be vulnerable, and fix as much as possible as quickly as possible, before the exploits fully reach the wild.

“We need them to patch those vulnerabilities,” said Tim Bandos, director of cybersecurity at Digital Guardian.

Bandos

The document dump appears to reveal hundreds of millions of lines of code containing secret C.I.A. cyber-weapons, including “malware, viruses, Trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation,” WikiLeaks said in a statement.

According to the release, the C.I.A. and other allied intelligence services have cracked Apple and Android smartphones, and can circumvent encryption on services like Signal, WhatsApp and Telegram.

Bandos and his team at Digital Guardian were among those who immediately began poring over the documents, trying to gauge the implications.

“One thing that we do is make sure that our technology hasn’t been exploited,” Bandos said, noting that numerous hardware and software vendors learned for the first time of vulnerabilities to their products.

Thus far, WikiLeaks has refrained from releasing the full code for the cyberweapons, in part, until it can ensure they can be disarmed.

“I think this is an effort to allow time to patch a lot of these issues,” Bandos speculated. “The fact that they haven’t released the actual code, leaves me with a bit of confidence.”

Ultimately, Bandos expects that WikiLeaks will release the full cyberweapons and hopes that by then, affected vendors – including major names like Cisco, Apple and Symantec – will have addressed the flaws.

“Every vulnerability will be different,” he said. “I think, really, the delay is going to be in getting (patches) deployed out to the consumers.”

“If you look at the smart TVs, they’ll have to update the firmware,” Bandos added. “You can’t just automatically push that out.

“Someone is going to have to connect to the Internet and download the update. There’s going to be a lag.”

The process is well underway at Digital Guardian.

“If we’re running anything that has those holes, we are proactive,” Bandos said.

“We’re cross-referencing all of the things that have been mentioned,” he continued. “We’re then monitoring those (vendor) sites to find out when the patch is available and we’ll immediately push that out to our customers.”

The wave of new threats is expected require close attention and careful monitoring for some time to come.

“We’re always looking for that kind of thing anyway,” Bandos said. “But we’re definitely on high alert.”

 

Send tips and news to [email protected].

Read more about:

AgentsMSPsVARs/SIs

About the Author

Aldrin Brown

Editor-in-Chief, Penton

Veteran journalist Aldrin Brown comes to Penton Technology from Empire Digital Strategies, a business-to-business consulting firm that he founded that provides e-commerce, content and social media solutions to businesses, nonprofits and other organizations seeking to create or grow their digital presence.

Previously, Brown served as the Desert Bureau Chief for City News Service in Southern California and Regional Editor for Patch, AOL's network of local news sites. At Patch, he managed a staff of journalists and more than 30 hyper-local and business news and information websites throughout California. In addition to his work in technology and business, Brown was the city editor for The Sun, a daily newspaper based in San Bernardino, CA; the college sports editor at The Tennessean, Nashville, TN; and an investigative reporter at the Orange County Register, Santa Ana, CA.

 

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like