Former CIA engineer allegedly leaked Vault 7 hacking tools

Former CIA employee Joshua Adam Schulte has been identified as a top suspect behind the leak last year of the Vault 7 secret computer hacking tools used by the agency in espionage operations, although the FBI had previously suspected contractors, writes The Washington Post. The document Wikileaks received allegedly contained over 8,000 pages of documented techniques.

DevOps Connect:DevSecOps @ RSAC 2022

Although the man’s apartment has been searched and a number of notes, notebooks and computer equipment has been retrieved, the evidence was not strong enough to indict him. His attorney claims “those search warrants haven’t yielded anything that is consistent with [Schulte’s] involvement in that disclosure.”

Schulte was part of the CIA’s Engineering Development Group responsible for writing code used in cyberespionage. He is currently in prison in Manhattan on child pornography charges issued in August 2017. He has pleaded not guilty to the pornography charges.

The US government has not brought charges against him despite months of investigations. The Vault 7 investigation is advancing and Schulte “remains a target of that investigation,” the prosecutor said.

Some argue the Vault 7 leak could cause more harm than Edward Snowden’s revelations, because these are the actual tools the CIA used to hack messaging apps and electronic devices such as routers, computers, phones and TVs to exfiltrate data. The CIA hacking tools could also be used against US national security.

Before the CIA, Schulte worked for the NSA, and claims he was “the only one to have recently departed [the CIA engineering group] on poor terms,” after reporting “incompetent management and bureaucracy.”

The CIA refused to comment.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Luana Pascu. Read the original post at: