March 12, 2017

WikiLeaks Unveils ‘Vault 7’: “The Largest Ever Publication Of Confidential CIA Documents”

We all know that WikiLeaks is an international non-profit organization that publishes secret information, news leaks, and classified media from anonymous sources. Recently, it has published what it claims is the largest ever release of confidential documents on the CIA. WikiLeaks released a huge set of files that it calls “Year Zero”.

It includes more than 8,000 documents as part of ‘Vault 7’, a series of leaks on the agency. A total of 8,761 documents have been published as part of ‘Year Zero’, the first in a series of leaks the whistleblower organization has dubbed ‘Vault 7.’ The massive set includes a host of hacking secrets that could embarrass intelligence agencies and the US government, as well as undermine spying efforts across the world.

WikiLeaks

According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.” Discussing the CIA’s Remote Devices Branch’s UMBRAGE group, Wikileaks’ source notes that it “collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states.

Key Highlights From The Vault 7 Release:

  • “Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.
  • Wikileaks claims that the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “Zero Day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
  • By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook.
  • The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
  • Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Vault 7

Here are six of the biggest secret of information yet to emerge:

1. The CIA Has The Ability To Break Into Android And iPhone Handsets, And All Kinds Of Computers:

The US intelligence agency has been involved in a concerted effort to write various kinds of malware to spy on just about every piece of electronic equipment that people use. That includes iPhones, Androids, and computers running Windows, MacOS, and Linux.

If that software is as powerful as WikiLeaks claims, it could be used to remotely control those devices and switch them on and off. Once that happened, a vast array of data would be made available – including users’ locations, messages they had sent, and potentially everything heard by the microphone or seen by the camera.

2. Doing So Would Make Apps Like Signal, Telegram, And WhatsApp Entirely Insecure:

Encrypted messaging apps are only as secure as the device they are used on – if an operating system is compromised, then the messages can be read before they encrypted and sent to the other user. WikiLeaks claims that has happened, potentially meaning that messages have been compromised even if all of the usual precautions had been taken.

3. The CIA Could Use Smart TVs To Listen In On Conversations That Happened Around Them:

One of the most eye-catching programs detailed in the documents is “Weeping Angel”. That allows intelligence agencies to install special software that allows TVs to be turned into listening devices – so that even when they appear to be switched off, they’re actually on.

That’s just one of the technologies created by the Embedded Devices Branch, the CIA division at the center of much of the leaks of new information.

4. The Agency Explored Hacking Into Cars And Crashing Them, Allowing ‘Nearly Undetectable Assassinations’:

Many of the documents reference tools that appear to have dangerous and unknown uses. One file, for instance, shows that the CIA were looking into ways of remotely controlling cars and vans by hacking into them.

“The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations,” WikiLeaks notes, in an unproven piece of speculation.

5. The CIA Hid Vulnerabilities That Could Be Used By Hackers From Other Countries Or Governments:

WikiLeaks claims that its source handed over the documents in order to provoke a debate about the power of intelligence agencies and how their information should be exposed. Perhaps central to that is the accusation that the CIA was “hoarding” exploits that it had found – rather than handing them over to the companies that could fix them, and so make users safe, as they had promised to do.

Such bugs were found in the biggest consumer electronics in the world, including phones and computers made Apple, Google, and Microsoft. But those companies didn’t get the chance to fix those exploits because the agency kept them secret in order to keep using them, the documents suggest.

“Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability,” a WikiLeaks statement read. “If the CIA can discover such vulnerabilities so can others.”

WikiLeaks noted that those unfixed exploits affected everyone using the equipment, including “the U.S. Cabinet, Congress, top CEOs, system administrators, security officers, and engineers”.

6. More Information Yet To Come:

The documents have still not been looked through entirely. There are 8,378 pages of files, some of which have already been analyzed but many of which hasn’t. The files are being shared publicly on the WikiLeaks website and the organization has encouraged its supporters to keep looking through the documents in the hope of finding more stories.

And that’s not to mention the other sets of documents that are coming. The “Year Zero” leaks are just the first in a series of “Vault 7” dumps, Julian Assange said.

About the author 

Vamshi


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}