Did WikiLeaks just unmask CIA cyberoperations?
Nearly four years after Edward Snowden leaked top-secret details exposing National Security Agency surveillance programs, the US intelligence community is facing another crisis that could change the face of modern espionage.
On Tuesday, the antisecrecy site WikiLeaks began posting what it claims to be "the largest ever publication of confidential documents" on the CIA. The documents appear to reveal the agency's vast and technically sophisticated methods for exploiting security vulnerabilities in iPhones, Android devices, Samsung TV sets, and Microsoft systems to carry out covert cyberoperations.
"If this is what it pretends to be, it looks like a very extensive file of the tactics, techniques, procedures, targets, and political rules under which the Central Intelligence Agency conducts its computer network exploitation and other activities," Michael Hayden, former head of the CIA and National Security Agency, told NBC News on Tuesday.
For its part, a CIA spokesperson said, "We do not comment on the authenticity or content of purported intelligence documents."
WikiLeaks says its first batch from the CIA tranche includes 8,761 documents obtained from inside the agency's Center for Cyber Intelligence and "the majority of its hacking arsenal."
While many experts say it's too early to say for certain that all of the leaked computer programs are genuine, there's a growing consensus among cybersecurity experts that the leak has indeed exposed critical agency hacking tools.
Leaking the computer code and methods, many experts say, could have far-reaching and potentially devastating ramifications not just for agency operations, but for companies and consumers because of the number of digital flaws revealed in the leaks, which WikiLeaks has dubbed Vault 7.
"I liken it to people handing out Kalashnikovs and grenades on the street," says Tom Kellermann, chief executive officer at Strategic Cyber Ventures. "It's not only about undermining confidence. These weapons can now be turned against US corporations and civilians."
The Vault 7 dump also appears to show the considerable efforts the agency has gone to compromise cybersecurity and antivirus software with high-grade software tools. For instance, previously unknown software flaws revealed in the leak — known as zero-day vulnerabilities — indicate the agency could intercept private chats by compromising iPhones and Android-enabled devices, nabbing messages that would be secured by apps such as Signal, WhatsApp, and Telegram before they are encrypted.
Other tools revealed in the dump provided various techniques for the agency to infect systems and swipe sensitive documents. One tool, referred to as "HammerDrill," could apparently let CIA operatives break into "air gapped" facilities that are physically isolated from insecure networks.
Another flaw in Samsung smart TVs, called "Weeping Angel," purportedly developed in tandem with British intelligence, could allow snoopers to listen in on conversations by appearing to power off the device while secretly uploading recordings to a remote server.
The documents, which WikiLeaks says originate from 2013 to 2016, indicate that the CIA allowed agents to use the US consulate in Frankfurt as a base for digital espionage efforts around the globe, including in Europe, the Middle East, and Africa, providing diplomatic cover and guises to get past customs.
"The stuff that's represented in the documents — there's even source code — these are things that are effectively burned," says Jake Williams, a former Pentagon software analyst who currently works at the cybersecurity firm Rendition Infosec.
Now that the vulnerabilities have been revealed, tech companies will begin updating their systems to repair their vulnerabilities. "People will start pushing out antivirus signatures by tomorrow," he says.
The intelligence community has long relied on faulty software in consumer and corporate networks to carry out espionage operations. Yet it remains unclear how much the WikiLeaks dump — if legitimate — will impact the agency's secret stockpile of zero days.
In 2015, NSA Director Adm. Michael Rogers said his agency disclosed more than 90 percent of the software vulnerabilities it found to software vendors and developers. A Columbia University study last summer estimated that the NSA's vulnerability stockpile was "in the dozens," though it didn't offer a figure for the CIA. The White House has its own process by which it can disclose or retain software vulnerabilities used by intelligence and law enforcement agencies — but it is not required to make those decisions public.
"The CIA reports show the USG developing vulnerabilities in US products, then intentionally keeping the holes open," Mr. Snowden tweeted Tuesday. "Reckless beyond words."
Snowden's leaks in 2013 exposed a variety of top-secret NSA digital surveillance efforts, including the PRISM program that allowed agents to search internet data from around the world. As a result of those disclosures, President Obama signed the USA Freedom Act that limited intelligence agencies' ability to obtain data from communications providers.
WikiLeaks has not revealed the source of the Vault 7 leaks but appeared to indicate the leaks came from an agency insider, raising new questions about the security of sensitive cyberintelligence efforts.
Earlier this year, former NSA contractor Harold Martin was charged with walking out of the agency with an extensive trove of top-secret documents.
"After Snowden, there was a huge effort to lock down this kind of information," says James Lewis, a senior fellow at the Center for Strategic and International Studies, a Washington think tank. "If it failed, they're going to want to know why."