WikiLeaks has published the first part in a series of leaks about the CIA. The first part of the series is called “Year Zero” and includes 8.761 documents and files from an isolated and highly secure network located in the CIA’s Center for Cyber Intelligence in Virginia. WikiLeaks refers to the yet-to-be-released remainder of the series as “Vault7”.
Some of the hacking accomplishments of the CIA that are detailed in the release include:
- Weeping Angel – this attack targets Samsung smart TVs and was worked on with the UK’s MI5. Infected TVs can be put into a fake-off mode where the user believes the TV is turned off but actually is recording conversations and sending them to a covert CIA server.
- As of October, 2014, the CIA had looked into infecting the control systems of modern cars and trucks. WikiLeaks couldn’t find the purpose in the documents but it could allow the CIA to carry out almost undetectable assassinations.
- The CIA’s Mobile Devices Branch has several attacks which allow it to hack and control popular smartphones. With these attacks, the CIA can get access to a device’s geolocation, audio, texts and covertly activate the device’s camera and microphone.
- The CIA Mobile Devices Branch has a specialised unit dedicated to hacking iOS devices. WikiLeaks says that despite the iPhone’s 14.5% market share, the agency is paying close attention to those devices due to the iPhone’s popularity in social, political, diplomatic and business circles.
- The documents show that Android is not out of the clear. The CIA, according to the leaks, had 24 weaponised Android zero days which it has developed itself or obtained from GCHQ, NSA and cyber arms contractors.
After the Ed Snowden leaks many people turned to encrypted communications; unfortunately, these won’t help you against the CIA. The techniques outlined above allows the agency to bypass the encryption of messenger apps including WhatsApp, Telegram, Signal and others. The hacks allow the agency to collect audio and message traffic before the encryption is applied.
Telegram has already responded to the news saying:
'"Year Zero" is not an app issue. It applies to devices and operating systems and will require security updates from their respective manufacturers to mitigate the threats.'
Mobile devices aside, the leaks show that routers, Windows, macOS and Linux systems are all vulnerable to multiple attacks that have been developed. The documents claim that ways have been found to infect air-gapped computers - those which are not connected to the internet or other insecure networks; these methods include hiding data in images or hidden parts of computer storage.
WikiLeaks said that an archive of malware, viruses, trojans and zero-day exploits had been circulated among former US government hackers and contractors in an unauthorised manners. One of those who had gotten ahold of the archive handed over portions of the archive to WikiLeaks.