On Tuesday, Wikileaks published thousands of documents online that they claim were taken directly from the Central Intelligence Agency’s Center for Cyber Intelligence. The documents purport to demonstrate a number of the tools and methodologies employed by intelligence gatherers at the CIA, including the ability to hack into a number of different kinds of “smart” technology, such as cell phones and even televisions.
While the documents have yet to be independently verified, experts from a number of media outlets, including SOFREP staffers, are currently piling through the documents in order to determine their credibility – but initial reports indicate that the documents at least appear to be legitimate.
Nearly 8,000 web pages with 943 attachments were released by Wikileaks, who claim that this is only the first installment of a number of releases they have planned regarding the information they obtained from the CIA. According to the Wikileaks web page, these documents (which they refer to as Vault 7) had been “circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
Their press release goes on to discuss the level of control they claim the CIA can enact over the electronic devices in our lives by stating that the release, “introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.”
According to the Wikileaks statement, this release is intended to prompt policy questions that “urgently need to be debated in public, including whether the C.I.A.’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.” The source, the group said, “wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”
Dean Boyd, a spokesman for the CIA, said, “We do not comment on the authenticity or content of purported intelligence documents.”
Wikileaks has been accused of recklessly releasing information they’ve gathered in the past, much of which was provided by Chelsea Manning, a former Army intelligence soldier who is set to be released later this year after serving seven years in prison for facilitating the breach. This time, Wikileaks claims to have redacted names and other identifying information from the data, and won’t release the code for the actual “tools” discussed in the documents “until a consensus emerges on the technical and political nature of the C.I.A.’s program and how such ‘weapons’ should be analyzed, disarmed and published.”
The tools discussed in the released documents can theoretically take control of most smartphones on the market, or even turn on the microphones in some brands of internet connected televisions while the screen remains off. According to Wikileaks, it was important to disclose this information because the CIA has not notified the manufacturers of these devices about the methods they can employ to access them – leaving them vulnerable to hacking from other parties as well.
Although the documents have not been verified yet, it seems likely that the CIA isn’t pleased with the release. This could prove to be yet another large breach of data security at the hands of insiders, not unlike previous incidents with Chelsea Manning or Edward Snowden.
“There’s no question that there’s a fire drill going on right now,” said Jake Williams, a security expert with Augusta, Georgia-based Rendition Infosec. “It wouldn’t surprise me that there are people changing careers and ending careers as we speak.”
Image courtesy of the Associated Press