It seems like the spy-guys (or is it spy-people) can’t seem to catch a break. First it was Snowden; more recently it was Martin – both Booz Allen contractors at the NSA. Now it is the CIA. Wikileaks published thousands of documents, which appear to be real, describing CIA hacking tools. This includes, supposedly, at least a dozen ‘zero-day’ attacks for a variety of platforms including iPhone, Android and Windows.
Assuming this is all real, this will definitely make the CIA’s job harder as vendors patch holes that the CIA has known about for an unknown amount of time – maybe years – and decided to use the attacks rather than telling the vendors and letting them fix the bugs. This is the long-running argument about having U.S. Cyber Command responsible for both hacking and defending us. Under President Obama there was a protocol to follow that formalized the process of deciding whether they revealed a bug or kept it secret. That protocol did not stop them from keeping secrets, as today’s leaks prove. That is part of what Wikileaks wants to reveal. Some people will consider that good; others will consider it bad.
The first set of documents, which Wikileaks calls Vault 7, contains about 8,700 documents of what they call Year Zero. The documents are purported to come from inside CIA Langley.
This series of documents follows a preview disclosure last month describing the CIA’s efforts to target French political parties and candidates during the 2012 elections – which sounds very similar to what we are accusing Russia of doing here, last year. What the CIA wanted to do with the information was not disclosed.
Apparently, the CIA’s hacking division, called the Center for Cyber Intelligence (CCI), had over 5,000 users and had developed over a thousand hacking tools.
For what it is worth, Wikileaks says that their source wants to start a debate about whether the CIA has exceeded its authority and whether there is sufficient oversight. Clearly if the CIA develops a tool and the bad guys figure it out, that tool is out of control and there may not be a way to get the genie back in the bottle.
Wikileaks says that it has redacted some information and decided not to release the actual tools because of the risk that represents.
The CIA’s Engineering Development Group (EDG), which is part of CCI, is part of the Directorate for Digital Innovation, one of five directorates inside the CIA.
One of the tools that was disclosed is a tool to infect smart TVs so that they become covert eavesdropping devices, even when supposedly powered off.
Another project was to take over control of cars to perform covert and likely totally undetectable assassinations. There have been rumors about this in the past when there were some unexplained car crashes that killed high-profile individuals.
While the iPhone only represents about 15% of the global smartphone market, apparently the CIA has a whole branch dedicated to hacking them. This is likely due to the status symbol that the iPhone represents in government circles.
The CIA also has techniques to bypass the encryption of apps like Signal, WhatsApp, Weibo, Confide and others. They do this not by cracking the encryption, but likely by covertly installing eavesdropping software on the phones to capture the data before it is encrypted or after it is decrypted.
After Snowden revealed that the intelligence community was hoarding zero day vulnerabilities, the Obama administration agreed to a process to decide which vulnerabilities to disclose, but, according to Wikileaks, the CIA did not follow those protocols and continued to hoard zero day vulnerabilities.
There is a huge amount of information released and reporters will likely be reviewing it for weeks, but Wikileaks says that there is much more to come. How much and when is not clear.
To me, what is most interesting is not that the CIA is doing this – everyone is doing this – but rather, even after Manning, after Snowden, and after Martin, just to name a few massive leaks, the intelligence community doesn’t seem to be able to stop the leaks.
What President Trump will do is not clear.
What Snowden said that he did, and I assume what Wikileaks is doing also, is to distribute encrypted copies of unredacted documents to hundreds of media sources, with the system set up to automatically distribute the keys if something bad happens to Wikileaks or its embattled founder, Julian Assange. I don’t know if this is true, but it is the only thing that makes sense to explain why Assange is still alive and Wikileaks is still online. *IF* it is known to the intelligence community that Wikileaks is in possession of some sort of nuclear option, they are likely to tread much more lightly around Wikileaks. Given what they have already published, this is certainly not out of the question.
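The key-escrow arrangement described above (encrypted copies go out in advance, the key follows only on a trigger) can be illustrated with a standard cryptographic building block. The example below is added here for illustration and is not code from the post or from any of the organisations it mentions. It goes one step beyond the text: instead of one key handed to every holder, the key is split with Shamir secret sharing so that no single holder can decrypt alone and any 3 of 5 holders together can, which is how a defender would design custody of a key that must survive the loss of its owner. The document, the key and the five holders are constructed sample values; the stream cipher built from SHA-256 is a stand-in for a real AEAD such as AES-GCM (the Python standard library has none) and is not for production use.

```python
import hashlib
import secrets

# Prime field for the shares. 2^521 - 1 is a Mersenne prime, large enough
# to hold a 32-byte key as a single field element.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial over GF(PRIME) with Horner's rule (coeffs[0] is the secret)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: bytes, n: int, k: int):
    """Split `secret` into n shares such that any k of them reconstruct it."""
    s = int.from_bytes(secret, "big")
    if not (1 <= k <= n) or s >= PRIME:
        raise ValueError("bad threshold or secret too large for the field")
    # Random polynomial of degree k-1 with the secret as constant term.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares, length: int):
    """Lagrange-interpolate the polynomial at x=0. Returns None if the shares cannot be right."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    if total >= 1 << (8 * length):
        # Too few (or mismatched) shares interpolate to a random field element,
        # which almost never fits the declared key length.
        return None
    return total.to_bytes(length, "big")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream from SHA-256; illustration only, not a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    ks = _keystream(key, nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def escrow_demo():
    """Encrypt a constructed document, hand out 5 key shares, show that 3 suffice and 2 do not."""
    document = b"Constructed sample document for the escrow demonstration."
    key = secrets.token_bytes(32)
    blob = toy_encrypt(key, document)          # this is what the holders receive up front
    shares = split_secret(key, n=5, k=3)       # one share per holder, released on the trigger

    recovered = recover_secret(shares[:3], 32)
    with_threshold = toy_decrypt(recovered, blob) == document

    partial = recover_secret(shares[:2], 32)
    with_fewer = partial is not None and toy_decrypt(partial, blob) == document
    return {"recovered_with_threshold": with_threshold, "recovered_with_fewer": with_fewer}


if __name__ == "__main__":
    print(escrow_demo())
```

Holders keep only ciphertext plus one share each, so a leak from any single holder reveals nothing; the trigger only has to release the shares, not a single high-value key.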
Information for this post came from a Wikileaks Press Release.