WikiLeaks did a lot of damage today:
WikiLeaks on Tuesday released thousands of documents that it said described sophisticated software tools used by the Central Intelligence Agency to break into smartphones, computers and even Internet-connected televisions.
If the documents are authentic, as appeared likely at first review, the release would be the latest coup for the anti-secrecy organization and a serious blow to the C.I.A., which maintains its own hacking capabilities to be used for espionage.
The initial release, which WikiLeaks said was only the first part of the document collection, included 7,818 web pages with 943 attachments, the group said. The entire archive of C.I.A. material consists of several hundred million lines of computer code, it said.
Among other disclosures that, if confirmed, would rock the technology world, the WikiLeaks release said that the C.I.A. and allied intelligence services had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”
It is believed that the files were stolen between 2013 and 2016. And it has an implication for every person who uses any “Smart” phone or television.
WikiLeaks said the trove comprised tools — including malware, viruses, trojans and weaponized “zero day” exploits — developed by a CIA entity known as the Engineering Development Group, part of a sprawling cyber directorate created in recent years as the agency shifted resources and attention to online espionage.
The digital files are designed to exploit vulnerabilities in consumer devices including Apple’s iPhone, Google’s Android software and Samsung television sets, according to WikiLeaks, which labeled the trove “Year Zero.”
In its news release, WikiLeaks said the files enable the agency to bypass popular encryption-enabled applications — including WhatsApp, Signal and Telegram — used by millions of people to safeguard their communications.
But experts said that rather than defeating the encryption of those applications, the CIA’s methods rely on exploiting vulnerabilities in the devices on which they are installed, a method referred to as “hacking the endpoint.”
The data release alarmed cybersecurity experts.
“This is explosive,” said Jake Williams, founder of Rendition Infosec, a cybersecurity firm. The material highlights specific anti-virus products that can be defeated, going further than a release of NSA hacking tools last year, he said. The CIA hackers, according to WikiLeaks, even “discussed what the NSA’s . . . hackers did wrong and how the CIA’s malware makers could avoid similar exposure.”
Hackers who worked at the NSA’s Tailored Access Operations unit said the CIA’s library of tools looked comparable. The implants, which are back doors, or software that enables a hacker to get into a computer, are “very, very complex” and “at least on par with the NSA,” said one former TAO hacker who spoke on the condition that his name not be used.
In addition to the hacking tools, they revealed an organization chart of the CIA’s cybersecurity organization and where the various nodes are located. This obviously puts CIA personnel at increased risk.
Much of the commentary on this is going to dwell on Trump’s romance with WikiLeaks during the 2016 election and its rather obvious links to Russia’s SVR and FSB. The real issue is much deeper. Under the Obama administration the government’s ethos of protecting classified information essentially disappeared. Highly classified information found its way into the public sector when it was to the advantage of the administration. We’ve seen this played out nearly daily for the past four months as the Obama administration-in-exile has used classified leaks to try to damage Trump and his advisers.
Internal procedures under Obama became so lax that Bradley Manning and Edward Snowden and Harold Martin thrived. They are only the tip of the iceberg. Actual foreign agents, people who are professionals, aren’t going to get caught or go public. Right now there isn’t any explanation forthcoming of how this information found its way to WikiLeaks, but we know the vector was a CIA employee. Probably still on the job.
Unless and until our counterintelligence people are hit with a cattle prod, this is going to continue to happen. And right now the CIA is proving that our allies don’t have to worry about trusting Trump; the CIA is so incompetent it can’t secure its own information.