WikiLeaks (read: Julian Assange) has released a massive cache of alleged CIA documents related to the US agency’s cyberwar efforts. The information purportedly reveals covert CIA hacking tools that can take over iPhones, Android phones, internet-connected TVs and pretty much any type of computer.
If the leaks are authentic (and there’s reason to believe they are), this means the agency can snoop on any encrypted message around the world by intercepting the missive before encryption is applied. Here’s everything we know so far.
The Tuesday release, codenamed Vault 7, is apparently part of a larger series that WikiLeaks is calling “Year Zero”. The initial dump allegedly contains “8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina [sic],” according to a WikiLeaks press release.
Sources who spoke to The Wall Street Journal said the revelations were far more significant than the leaks of Edward Snowden, the former National Security Agency contractor who exposed active surveillance programs in 2013. While the Snowden leaks provided a “briefing book” on US surveillance, the new leaks could provide the “blueprints”.
WikiLeaks does not identify the source of the documents, other than claiming that an archive of leaked CIA data was “circulated among former U.S. government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive circulated”. Citing an anonymous source in the intelligence community, The New York Times reported that at least some of the information in the documents “appeared to be genuine”. This assertion is backed by one Edward Snowden:
Still working through the publication, but what @Wikileaks has here is genuinely a big deal. Looks authentic.
— Edward Snowden (@Snowden) March 7, 2017
Regardless of their origin, the documents appear to describe some incredibly scary-sounding hacking tools. WikiLeaks highlighted a few of them in its release, including malware that can infest any smartphone on the planet, an app called “Weeping Angel” that turns Samsung Smart TVs into always-on microphones for CIA spying, and a program called “Fine Dining” that helps agents build customised cyber weapons for specific purposes.
The documents also purportedly outline how the CIA builds these weapons, stockpiles zero-day exploits without telling companies like Google that could fix them, and then fails to keep the malware from getting into the wrong hands. If this is true, WikiLeaks says that “rival states, cyber mafia and teenage hackers alike” could be using these weapons right now.
So that’s a scary thought. However, there are plenty of reasons to believe that WikiLeaks’ description of the documents — if not the documents themselves — is misleading. For instance, the organisation claims that techniques detailed in the Vault 7 documents describe a method “to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied”.
It’s currently unclear exactly how these techniques work or whether they were designed to undermine trusted apps like Signal. Perhaps Assange and company are just throwing out the names of those apps for some narrative flair.
Some experts say that the documents look legit, regardless. “At first glance, [the release] is probably legitimate or contains a lot of legitimate stuff, which means somebody managed to extract a lot of data from a classified CIA system and is willing to let the world know that,” Nicholas Weaver, a security researcher at UC Berkeley, told The Washington Post. The CIA told the paper, “we do not comment on the authenticity or content of purported intelligence documents.”
Given the size of the dump, it will take time for reporters and researchers to comb through the data and identify the most shocking revelations. Nonetheless, the very notion that the CIA’s most secure servers leaked thousands of documents looks very bad for the intelligence community as well as the US government. It was just five weeks ago that a draft of President Donald Trump’s executive order on cybersecurity became available, and the WikiLeaks dump hit the web just hours after several outlets reported that Trump’s order would be released very soon. WikiLeaks claims that the timing of the Vault 7 release is unrelated to Trump’s cybersecurity order.
This is a developing story that we’ll be following closely. You can read the full WikiLeaks press release (typos and all) and find links to the alleged CIA documents here.