CIA Silent About Wikileaks Agency Files

In what appears to be the largest leak of CIA documents in history, WikiLeaks has recently released thousands of pages describing sophisticated software tools and techniques used by the agency to break into smartphones, computers and even Internet-connected televisions.

The documents amount to a detailed, highly technical catalog of tools. They include instructions for compromising a wide range of common computer tools for use in spying: the online calling service Skype; Wi-Fi networks; documents in PDF format; and even commercial antivirus programs of the kind used by millions of people to protect their computers.

A program called Wrecking Crew explains how to crash a targeted computer, and another tells how to steal passwords using the autocomplete function on Internet Explorer.

Other programs were called CrunchyLimeSkies, ElderPiggy, AngerQuake and McNugget.

This trove of information on alleged CIA hacking tools, released by Julian Assange’s WikiLeaks organisation, reveals that the agency maintains the capability to hack consumer devices and will raise many questions for users and technology companies alike.

Everyday consumer devices including smartphones running iOS and Android operating systems, Windows and Mac computers, and even smart TVs made by manufacturers such as Samsung have all been targeted by the CIA.

The CIA had no comment about Wikileaks’ claim of the existence and function of key hacking tools in a document dump that Wikileaks calls “the largest intelligence publication in history.”


The thousands of leaked documents focus mainly on techniques for hacking and reveal how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices.

The leak, named “Vault 7” by WikiLeaks, will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age.

It follows disclosures about Afghanistan and Iraq by army intelligence analyst Chelsea Manning in 2010 and about the National Security Agency and Britain’s GCHQ by Edward Snowden in 2013.

Wikileaks officials claimed to have obtained and posted, “8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.”

Wikileaks said, “Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, Trojans, weaponised "zero day" exploits, malware remote control systems and associated documentation.

“This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive.

“"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of US and European company products, including Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.”

Some cyber-security researchers immediately called the claims uncorroborated and misleading. It has long been the case that hackers who gain physical access to a phone, for example, may be able to read text written in various messaging apps. It’s hard to tell whether the tools described in the dump would allow a spy to enter your phone from anywhere.

They urged users to remain calm, and not to take the Wikileaks post as a reason to abandon the use of encrypted messaging apps.

Among other purported revelations, Wikileaks said, the documents show that the CIA and British intelligence outfit MI5 developed malware to listen in on the microphones in Samsung smart TVs; and that the US consulate in Frankfurt, Germany, has become a hub for US signals intelligence agents and engineers traveling under diplomatic passports.

The German government said it took the publication of thousands of pages of internal CIA discussions by anti-secrecy group Wikileaks seriously, but could not verify the authenticity of the documents.

German media have seized on documents in the latest Wikileaks release which show that the CIA used the US consulate in Frankfurt as a major remote hacking base.

A spokesman for the foreign ministry said the German government was in close touch with US authorities about the issue.

In their post, Wikileaks said they had redacted some of the posted emails and communications to avoid “the distribution of ‘armed’ cyber-weapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should be analysed, disarmed and published.”

The group also hinted that the documents were leaked by a source inside the agency. “The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber-weapons,” they wrote.

“The source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.”

Asked for comment, CIA spokesperson Jonathan Liu said, “We do not comment on the authenticity or content of purported intelligence documents.”

In an interview, the National Counter Intelligence Executive, William Evanina, described how hard it remains to thwart insiders who want to leak data.

“To no extent are we capable of stopping someone from doing damage who wants to. It’s not possible,” said Evanina.

“The same way you can’t stop someone from starting a fire who wants to be an arsonist.”

Still, there is plenty of reason to be skeptical about documents published by Wikileaks, about their veracity, whether they might have been tampered with, who provided them, and so on.

Independent research and the intelligence community have determined that Wikileaks has routinely published documents and data given to it by Kremlin-linked intelligence agencies.

If the new Wikileaks dump proves valid, and the source does turn out to be a mole inside the CIA, then it will be the second release of information about critical intelligence tools in a year by an insider.

On Aug. 27, NSA contractor Harold Martin III was arrested for hoarding agency documents. He is suspected of offering NSA tools for sale.

The group claims that its revelations are just scratching the surface.

“Wikileaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They’re there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts,” they write.

Russia

To attribute the document drop to pure altruism on the part of Wikileaks would probably be a mistake. In fact, it seems to be setting the stage for an organized communications campaign to discredit the intelligence community assessment on the DNC hack, which would suggest the source could have been the Kremlin (at the very least, they were quick to capitalise on the development).

Both the intelligence community and private cyber security researchers have determined that Russian actors stole both the DNC and John Podesta emails published to Wikileaks.

A portion of the Wikileaks statement released today reads: “The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation… With UMBRAGE and related projects the CIA can not only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.”

Pro-Russian information sites and trolls were quick to notice the claim.

Sources: NYT, Guardian, DefenseOne, Wikileaks, Ein News

 
