Wikileaks publishes more than 8,000 documents on CIA hacking tools
Saul Loeb (AFP/File)
Whistle-blowing site Wikileaks on Tuesday published more than 8,000 documents detailing the US Central Intelligence Agency's hacking tools, including turning your TV into a listening device, bypassing popular encryption apps, and possibly controlling your car.
WIkileaks has dubbed the document collection "Vault 7," and claims that it is the "largest ever publication of confidential documents on the agency."
According to a press release from the site, the 8,761 documents and files released Tuesday are the first part of a series to be published. The first part of the series has been code-named "Year Zero."
The documents originated from "an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina," according to Wikileaks, and were obtained from a person who formerly worked as a U.S. government hacker and/or contractor.
WikiLeaks said the documents show the CIA has produced more than 1,000 malware systems -- viruses, trojans, and other software that can infiltrate and take control of target electronics.
The CIA would neither confirm nor deny the documents were genuine, or comment on their content.
"We do not comment on the authenticity or content of purported intelligence documents," said spokesman Jonathan Liu in an email.
Wikileaks alleges that not only did the CIA produced malware to infest Apple and Android phones, as well as Smart TVs, computer operating systems, and "looking at infecting the vehicle control systems used by modern cars and trucks," but that they "lost control" of these tools as well.
While the purpose of infecting vehicle control systems was not revealed in the documents, Wikileaks said that "it would permit the CIA to engage in nearly undetectable assassinations."
The documents reveal that the spy agency developed or obtained numerous "zero days" or vulnerabilities which would allow it to bypass encryption for apps such as Whatsapp, Telegram, Signal Wiebo, and Confide. These "zero days" allowed hackers into the user's phone, so that they could retrieve audio and text files from these applications prior to the encryption being applied, said Wikileaks.
Other hacking tools and malware allowed the CIA to program Smart TVs to have a "fake off" mode, where the owner falsely believes that the device is off when in fact it is still on and being used by the agency as a "covert microphone."
CIA 'lost control'
According to Wikileaks, over the last three years, the US government's intelligence agencies, including the CIA, NSA and contractors working for them, have "been subject to unprecedented series of data exfiltrations by its own workers."
"Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation," said Wikileaks, adding "This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA."
Wikileaks notes that there are numerous reasons for such leaks, such as the existence of a global market in which there are offers of payment of up to millions of dollars for such tools, or the desire for companies to use the technology for their own gains to get an edge over their competitors.
The site also alleges that the Obama administration promised that they would "disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers," so that these companies could develop solutions to the vulnerabilities to keep foreign or malicious entities from exploiting them.
The CIA never honored this commitment, said Wikileaks, noting that "once a single cyber 'weapon' is 'loose' it can spread around the world in seconds."
Additionally, the CIA never designated it's weaponized malware systems as "classified," as many communicate using the internet. It is illegal to place classified information on the internet, so if the CIA classified these materials, it would lead to the prosecution or dismissal of its agents.
Further constitutional restrictions mean that the government cannot copyright these systems, therefore, "cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained," said Wikileaks.
"Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals," WikiLeaks said.
In a statement, WikiLeaks founder and chief editor Julian Assange said that the documents show the "extreme risk" of the uncontrolled spread of cyber weapons.
"Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade," he said.
You need to be logged in in order to post comments. Sign up or log in