Feeds

CIA sacks four in secret chat room hack

Boyz will be boyz

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The CIA this week sacked four employees, suspended ten, and yanked the security clearances of nine contractors who had hacked the Agency's networks and set up a secret chat room in which they exchanged "inappropriate" e-mail and other materials. The hack had involved some 160 participants over the years and went undetected since its beginnings the mid-1980's.

One member of the Senior Intelligence Service and three others have lost security clearances, "rendering them ineligible for continued CIA employment," the Agency said in an internal memo.

Eighteen others received letters of reprimand and are likely to be suspended without pay for periods of five to 45 days depending on their level of involvement, the Agency said.

Eight employees were exonerated, and seventy-nine others with "minimal involvement" received warning letters, which are not nearly as bad as the dreaded letters of reprimand.

The nine contractors who lost their security clearances will be unable to accept CIA contracts in future.

"Every effort was made to understand and distinguish the role, knowledge and responsibility of each participant," CIA spokesman Mark Mansfield is quoted by the Washington Post as saying.

The Agency's heavy-handed response to a minor infraction is most likely the product of bad press surrounding CIA security in the wake of former Director John Deutch's appalling mis-handling of sensitive data on his home computers.

The fact that upwards of 160 employees maintained a secret chat room on Agency computers for roughly fifteen years is clearly a badge of shame for an organisation which prides itself on technical savvy and information-gathering prowess. ®

Internet Security Threat Report 2014

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.