On Tuesday (3/7/17), it was reported that Wikileaks dumped over 8000 CIA classified documents in what is thought to be the biggest leak of the CIA in its history.
Wikileaks gave this series of leaks a code-name “Vault 7”, and its 8761 total documents come from a network inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.
The former CIA Director, Michael Hayden, told MSNBC that if the documents turn out to be authentic, the leaks would be “very, very damaging.”
It is impossible for people to have gone through every last document at this point, but from what we do know so far, it appears to be things like instruction manuals, support docs, notes, and conversations about exploiting vulnerabilities in smartphones; and making smart TVs listen and record everything said in the room.
Wikileaks has said that this is the first in a series of leaks on the CIA, called “Year Zero”, and its intent is to introduce - to the world - the size and direction of the agency’s global covert hacking program, its catalog of malware programs, and many “zero day”, weaponized exploits against a whole host of American and European products. This includes Microsoft Windows, Google Android, Apple iPhone, and Samsung smart TVs.
It is believed that a source inside the agency took the data in question in order to create a public debate around the CIA, its expanded hacking capabilities vs its mandated powers, and how to create the proper oversight needed to keep them in check.
It has basically created its own NSA, but the CIA’s powers go even less checked, with virtually no accountability or anyone to oversee their operations. This is why they've spent untold millions of dollars to recreate an agency (NSA) that is already effective at its job.
Julian Assange, WikiLeaks editor, said, "There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of "Year Zero" goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."
The CIA's elite hacking tools are developed by the Engineering Development Group (EDG), which is a software development group within the Center for Cyber Intelligence, and is a department belonging to the CIA’s Directorate for Digital Innovation (DDI). It is said that DDI is one of the 5 major directorates of the CIA.
EDG develops and tests all of the CIA’s global and covert operations that deal with different types of malware, trojans, viruses, exploits, and backdoors.
An interesting malware is called “Weeping Angel”, and it was developed by the Embedded Devices Branch (EDB) of the CIA. “Weeping Angel” infects smart TVs without the user’s permission or knowledge, and turns them into covert microphones which pick up everything said in the room and records it.
“Weeping Angel” was used in cooperation with the United Kingdom’s MI5/BTSS unit to infect Samsung smart TVs. It places the target TV in “fake-off” mode, which looks like to the owner that the TV is off, when in reality, it is on and listening - sending recordings over the Internet to undisclosed CIA servers.
The infected phones can send video, microphone recordings, GPS location, text, and talk conversations as well.
“Year Zero” data shows that as of 2016, the CIA had “weaponized” at least 23 Android “zero days”, or yet unknown exploits, bugs, or vulnerabilities in the source code, and purposely left them broken so the agency could take advantage of them as needed.
Comments will be approved before showing up.