Wikileaks has released a data dump of what it alleges are Central Intelligence Agency (CIA) tools used for hacking into smart devices. The leak is code-named Vault 7 and comprises around 8761 documents, which have been sourced from an isolated high-security network inside CIA’s Centre for Cyber Intelligence.
The released documents primarily deal with techniques that are allegedly used by CIA for hacking and surveillance. These tools are used to break into smartphones, messaging apps and other electronic devices such as smart TVs.
What is Vault 7?
Vault 7 is the code name for the collection of documents leaked by Wikileaks, which were sourced from CIA’s Centre for Cyber Intelligence. According to Wikileaks, CIA had recently lost a lot of its hacking tools, including malware, viruses, trojans and weaponised ‘zero day’ exploits, along with their associated documentation. This comprised over 100 million lines of code as well. This has effectively given the original hacker access to CIA’s tools and software, which are being circulated in an unauthorised manner among former US government hackers and contractors. One such independent entity has provided Wikileaks with part of the archive.
What is at stake?
The ‘zero day’ exploits in the data dump include programs to target US and European products. These include Apple’s iPhone, Google’s Android smartphones and tablets, Microsoft Windows OS and messaging apps. The dump even had tools to convert Samsung Smart TVs into covert microphones!
CIA has an Engineering Development Group (EDG) within its software development group called Centre for Cyber Intelligence (CCI). The CCI is part of the Directorate of Digital Innovation (DDI) group, which is one of the five major directorates of the CIA.
A tool called ‘Weeping Angel’, developed by CIA’s Embedded Branch Division (EDB), has been used to infiltrate smart TVs and convert them into covert, always-on microphones. One of the documents describing the Samsung Smart TV attacks explains how the Weeping Angel program would trigger a ‘Fake-Off’ mode on the smart TVs. This would make users think that their TV was off, when in fact it was still on and covertly recording audio conversations. CIA also had plans to infect the vehicle control systems used by modern cars and trucks.
According to Wikileaks, CIA’s Mobile Devices Branch (MDB) has been instrumental in infecting smartphones via remote hacking and control techniques. The infected phones can send CIA information pertaining to geolocation, audio and text communication, and can also covertly activate the user’s phone camera and microphone. Apple iPhones and iPads have also been under attack via this malware. Android smartphones from players such as Sony, HTC and Samsung were also targeted. According to the leak, CIA had around 24 weaponised Android ‘zero day’ attacks ready, which were developed in-house as well as obtained from GCHQ, NSA and other cyber arms contractors. According to Wikileaks, some of the programs even let CIA bypass the encryption on services such as WhatsApp, Signal, Telegram, Weibo, Confide and so on by hacking audio and message traffic before encryption is applied.
The CIA also has tools to infect Microsoft Windows users through zero-day exploits, air gap jumping viruses which infect software distributed on CDs/DVDs, systems to hide data in images and so on. There are tools to infect and control other operating systems such as Mac OS X, Solaris, Linux and more.
Some revelations from the leak
Wikileaks claims to have made around 70,875 redactions in total. The redactions include names, email addresses and external IP addresses. Wikileaks had come in for a lot of flak in the past for releasing war logs without many redactions. With this data dump, however, Wikileaks has taken special precautions and its own time to redact information which could prove detrimental to the objective of the leak.
Additional redactions include the authors of some of the documentation (redacted names are replaced with user IDs so that readers can keep track of them); archive attachments, which have been replaced with a PDF listing all the file names in the archive; attachments with binary content, which have been replaced by a hex dump to prevent accidental invocation of binaries; references to routable IP addresses; and more.
The motive behind the leak
The leaker that Wikileaks spoke to has questioned whether CIA’s hacking capabilities have gone well beyond its mandated powers. The source has also made clear that he/she wants to start a public discussion on the ‘security, creation, use, proliferation and democratic control of cyber weapons.’
Julian Assange’s statement on the matter
Julian Assange, WikiLeaks editor, said, “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of “Year Zero” goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”
The reason behind the timing
According to Wikileaks, the data leak has been published now because it has been completely verified, analysed and all the redactions have been made.
“In February the Trump administration has issued an Executive Order calling for a “Cyberwar” review to be prepared within 30 days. While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date,” says Wikileaks.
Wikileaks Vault 7: How CIA allegedly used hacking tools to infest your smartphones, smart TVs and more