James Bamford to La Repubblica on #WikiLeaks #CIA #Vault7
«There have been different revelations by WikiLeaks over the last month, I thought they were very interesting because the Nsa specialises in stealing information and the Cyber Command is only used during active war or in a kind of situation like Afghanistan, but the Cia uses its cyber capabilities for launching its cover wars, like the Stuxnet attacks. So, seeing this leak on what types of cyber attacks they can do is very interesting. They are different in the sense that the Nsa is doing eavesdropping on large access points, instead the Cia is more targeted on individual-type of attacks. One the most recent revelations, Marble Framework, was very interesting because it shows how the Cia can manipulate cyber attacks for making them look as if they come from some other places».
How good the Cia guys are at doing cyber operations?
«I think that Stuxnet shows the problems and it was the Cia that created Stuxnet along with Israel. That is what my sources told me: it was is a Cia job. It is indeed Cia's job to do the covert attacks, the Nsa can't legally do a cyberweapon-type attack, because the Nsa is part of the Department of Defense and that is why they created the Cyber Command: it can do cyberattacks only when there is an actual conflict or a situation like Afghanistan, but there are many other countries around the world where there are no conflicts and that is where the Cia comes in. The Cia is used for doing covert operations. The Cia was responsible for developing Stuxnet. It had the help of the Nsa and the Israelis, but actually pushing the button and launching the attack that has to be done by the Cia, but they screwed up, because they told the President at the time, president Bush and then president Obama: don't worry because the virus impacting on the Iranian nuclear facilities is not going to escape, it just attacks the centrifuges and even if the virus escapes it will not affect any other computer, and even if it escapes, nobody will be able to tell where it came from. It did escape, it did attack other computers - hundreds of thousands of computers - and it was identified as coming from the US in about a couple of months. Everything proved wrong and that is why they were very reluctant under Obama to pursue cyberwarfare, they were reluctant in doing this on North Korea»
«Before Stuxnet, Iran never had a Cyber Command and cyber attack capabilities. After Stuxnet, they developed one, and they began attacking the Aramco computers and banks in New York. Stuxnet ended up to be very meager, because it destroyed just a small percentage of their centrifuges and they just replaced them, so ultimately it was a disaster».
Is this Stuxnet disaster one of the reasons why we need acountability when it comes to the Cia cyber warfare capabilities?
«Definitely, Stuxnet was an act of war: it destroyed a portion of a country's infrastructure that was not attacking or threatening us. It had repercussions: it destroyed 30,000 computers. We have little oversight when it comes to cyberattacks and the repercussions can be very bad, we need oversight on that: this Administration is unpredictable, when it comes to intelligence and warfare, Obama was far more reluctant in launching cyberwar, they were very worried, having seen the disaster of Stuxnet. Trump people are totally unpredictable, they seem to want to attack everybody they don't like- such as North Korea, Syria and Iran, which is just insane because weaponised cyber attacks can lead to war».