
WikiLeaks Dumps CIA Hacking Docs Online

WikiLeaks on Tuesday dumped thousands of classified documents onto the Internet, exposing hacking programs used by the U.S. Central Intelligence Agency.

The torrent of data is just the first in a series of dumps WikiLeaks is calling “Vault 7.” This first installment includes 8,761 documents and files stolen from an isolated high-security network within the CIA’s Center for Cyber Intelligence in Langley, Virginia.

This first batch of data, according to WikiLeaks, introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal, and dozens of zero-day weaponized exploits against a wide range of U.S. and European company products — among them, Apple’s iPhone, Google’s Android operating system, Microsoft’s Windows OS, and Samsung’s smart TVs, which are turned into covert microphones.

The source leaking the documents to WikiLeaks did so to raise policy questions about the CIA’s hacking program, the organization said, and to open a discussion about the agency’s power and the government’s oversight mechanisms to keep it in check.

The CIA offered a terse response to WikiLeaks’ actions: “We do not comment on the authenticity or content of purported intelligence documents,” agency spokesperson Heather Fritz Horniak told TechNewsWorld.

Bigger Than Facebook

According to WikiLeaks, by the end of 2016, the CIA had produced more than a thousand hacking systems, trojans, viruses and other weaponized malware.

“Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook,” it stated.

“The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified,” WikiLeaks contended.

In a departure from the way it has carried out previous data dumps, WikiLeaks appears to have taken some steps to avoid collateral damage from its latest revelations.

“One thing that strikes me this time is the apparent care WikiLeaks took to redact sensitive information,” said Mark Graff, CEO of Tellagraff.

“They were much more responsible this time than they’ve been in the past,” he told TechNewsWorld.

Hurting US Security

WikiLeaks claimed it redacted tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States, and that it avoided including information in its data dump that could lead to the distribution of “armed” cyberweapons.

No matter how careful WikiLeaks may have attempted to be, its “Year Zero” data dump undermines U.S. national security, according to Robert Cattanach, an attorney with Dorsey & Whitney.

“WikiLeaks’ release will rock the intelligence communities,” he told TechNewsWorld.

The CIA’s ability to access the target devices and technologies certainly is compromised, Cattanach maintained, noting that the release appears to contain highly sensitive organizational and operational internal CIA information.

The uses foreign intelligence services might have for such data can only be imagined, he added.

Then there’s the threat that the actual tools the CIA has used for hacking have been obtained but not yet released, Cattanach said.

Loss of Important Tools

Although no source code for the hacking tools appears to have been included in this batch of data, the information that has been released may still be turned into a weapon, noted John Hayes, CTO of BlackRidge Technology.

“There are going to be some very bright people looking at this, and if they’re pointed in the right direction, you may be giving them enough hints to recreate some of this stuff even if they don’t have the source code,” he told TechNewsWorld.

The Vault 7 leaks have the potential to be very damaging to the U.S. intelligence community, said Adam Klein, a senior fellow with the Center for a New American Security.

“It could mean the loss of some very important tools for the intelligence community,” he told TechNewsWorld — “tools that would be directed at great power adversaries: Russia and China, rogue states like Iran and North Korea, terrorist groups, drug traffickers, and criminal enterprises around the world.”

The extent of the damage may be tempered if WikiLeaks has overplayed its hand.

“Given WikiLeaks’ past record, it is unlikely that all or even most of the allegations are true,” maintained James Scott, a senior fellow at the Institute for Critical Infrastructure Technology.

“If nothing else, the tools and malware capabilities provided are not exceptionally devastating over the tools and exploits already available on Deep Web markets and forums,” he told TechNewsWorld.

Authentication Needed

The first step the U.S. government should take is to authenticate the data in the dump, Scott said.

“If the documents are authentic, then the CIA already knows what secure network was compromised, which tools are now exposed, and what exploits now need to be patched against adversarial use,” he explained.

“After the Snowden incident and the NSA platform leak, it is possible that the agency even has an incident response plan for this scenario,” Scott added.

The Vault 7 material may have been turned over to WikiLeaks by a CIA insider, but the assistance of a nation state can’t be ruled out.

“Some experts are speculating that exfiltration at this scale would necessitate the involvement of a well-resourced nation state threat actor,” Scott said.

“These disclosures help the adversaries of the United States,” Klein added. “That’s not a concern for WikiLeaks, but it’s a concern of mine — and it should be a concern of all Americans.”

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News.

1 Comment

  • Nothing is more factual than that our government is indeed using technology to spy and gather data on all of its citizens. I find it hard to believe anyone would be so naive as to think it’s not. Not only is WikiLeaks just exposing what we already know, but to say this destroys our ability to spy on terrorists is disingenuous. Mostly because terrorists have also gotten smarter about communications and have most likely already taken steps to avoid the detection abilities of the US. Let’s also be honest here, US intelligence is abysmal at keeping up with technology. Some agencies are using outdated hardware, easily hackable, and it’s probably why they needed a blanket solution as they do to collect data. This is not a security group that can find a needle in one haystack. They need to gather all the hay from every farm and sift through it in order to find that needle, if they ever do. Yes, no doubt we need to stop the exposure of our security to the outside world. But we also must focus more on the bad guys and not everyone else. To gather data in such a large way usually ends up slowing down the ability to gather real evidence important to stopping threats. As much as it’s bad for WikiLeaks to expose this, it’s also a reminder of how poor our intelligence community is at protecting us.
