Image source: Wikimedia Commons
The WikiLeaks release of CIA hacking techniques delivers a public relations blow to the agency. The leaks also presage an increased risk of hacking of corporations.
WikiLeaks released thousands of documents that it says expose CIA cyber-spying capabilities. The documents reveal tools and procedures the CIA uses to hack smartphones, personal computers and web-connected televisions. Experts say the documents appear to be authentic. Observers call it the largest breach of government security ever, larger than the Edward Snowden NSA leaks
In its press release, WikiLeaks said its source was concerned about lack of public oversight of the agency. WikiLeaks alleges the CIA has “lost control” of its “weaponized malware.” “Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike,” WikiLeaks charges.
The CIA Rebuttal
The revelations prompted the usually tight-lipped CIA to issue a statement criticizing WikiLeaks. The agency didn’t comment on the authenticity of the documents. The CIA’s job is to collect foreign intelligence overseas. It does not spy on Americans at home.
The public should be “deeply troubled” by the leaks, the CIA said. “Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm,” it stated
“It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less,” the statement from the spy agency said. “CIA activities are subject to rigorous oversight to ensure that they comply fully with U.S. law and the Constitution.”
Another Alarm Bell for Corporations
“This is another alarm bell for all clients dealing with sensitive information that anything you say or email can potentially become public knowledge,” Gil Rudawsky, vice president of GroundFloor Media, told PRDaily. “If the CIA can get hacked or has a leak, what about businesses that spend millions of dollars less on maintaining secrecy of proprietary information?”
Rudawsky and other PR experts advise organizations to prepare plans for responding to security breaches and other types of cyber-attacks. A communications plan for security threats lays out clear protocols for what you expect to do, how you will respond, and how the public and stakeholders will be notified. PR and other communications professionals take a leading role in responding to the public and stakeholders.
“Ideally, you should have a pre-approved message bank that can be used to respond to comments on social media, Jeremiah McWilliams, senior communications strategist at Jackson Spalding, writes in O’Dwyer’s. “Don’t just use boilerplate over and over — empower your social media team to use their judgment, with oversight from senior executives.”
The hackers now have powerful new tools. Corporations must implement new security techniques to prevent data breaches and leaks. Communications departments must prepare detailed strategic plans to inform customers and the public if and when corporate data has been compromised. Such events are now increasingly more likely – and the consequences will almost certainly cause more financial and reputational damage than data breaches in the past.
Bottom Line: The WikiLeaks disclosure about CIA cyber-spying abilities and techniques creates a PR crisis for the agency. The revelations also highlight the vulnerability of corporations. All businesses and not-for-profits now face increased risk that sensitive information can become public. Careful development and implementation of detailed strategic plans for responding to data breaches and other leaks can mitigate the damage.
William J. Comcowich founded and served as CEO of CyberAlert LLC, the predecessor of Glean.info. He is currently serving as Interim CEO and member of the Board of Directors. Glean.info provides customized media monitoring, media measurement and analytics solutions across all types of traditional and social media.
