A major CIA leak published by WikiLeaks on Tuesday revealed that the world’s most popular smartphones and television sets from a major manufacturer are vulnerable to the covert agency’s burgeoning cyber unit.
The leak of more than 8,000 CIA documents to anti-secrecy group WikiLeaks contains perhaps the most explosive set of revelations since NSA secrets were provided to journalists by whistleblower Edward Snowden.
The CIA has reportedly declined to comment on the authenticity of the documents, but WikiLeaks has a long history of disclosing genuine top-secret government files.
What makes this look real?
Program & office names, such as the JQJ (IOC) crypt series, are real. Only a cleared insider could know them.
— Edward Snowden (@Snowden) March 7, 2017
Dubbed “Vault 7,” the document dump outlines the vast resources at the disposal of the CIA’s Center for Cyber Intelligence, the agency’s own version of the NSA. These include an arsenal of computer exploits—malware, viruses, trojans and other invasive tools—the CIA’s covert hacking operation can deploy to target Apple iPhones, Google Android devices, Samsung TVs, Microsoft’s ubiquitous operation system Windows, and other targets.
Among the most eye-opening of the disclosures is a CIA Center for Cyber Intelligence attack cryptically called “Weeping Angel” targeting Samsung smart televisions. The intrusion allows government hackers to manipulate the TVs to act as if they’re turned off while covertly recording conversations and routing audio files to a secret CIA server. The attack was allegedly developed alongside the United Kingdom’s MI5 agency, according to the WikiLeaks.
One document published by the group Tuesday titled “Weeping Angel – Things you might do” considers the possibility of extracting browser history and WiFi credentials from Samsung TVs and opportunities to remotely access devices.
— WikiLeaks (@wikileaks) March 7, 2017
Also troubling for privacy advocates, the CIA has found a way to circumvent encrypted messaging software like Signal, WhatsApp and Telegram by accessing smartphones directly and collecting communications before encryption protocols take effect, WikiLeaks revealed. In response, Telegram said it was “misleading” to suggest that its software is prone to CIA attacks.
WikiLeaks did not identify the source of the leaks, but the group said the person sought to inspire an “urgently” needed debate into the agency’s cyber division powers.
“The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons,” WikiLeaks said in a press release accompanying the disclosures.
WikiLeaks also noted that the CIA “lost control of the majority of its hacking arsenal”—encompassing more than a hundred million lines of code—which would give any person in possession of the arsenal “the entire hacking capacity of the CIA.”
The CIA’s extensive hacking unit included more than 5,000 users at the end of last year. The state-sponsored hackers were so prodigious that they “utilized more code than that used to run Facebook,” according to WikiLeaks.
What the CIA achieved in terms of building its army of hackers was impressive. If what the documents indicate are true, it would mean the agency, much like the National Security Agency, is capable of large-scale cyber espionage, but without public oversight and working as rivals to the NSA instead of collaborators.
“The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” the organization said.
The disclosures are the most significant in the nascent Trump administration and may rival those by NSA whistleblower Snowden, who revealed massive government spying on a scale never before known publicly.
WikiLeaks was previously the source of 700,000 secret U.S. State Department cables and military documents regarding the Iraq and Afghan wars leaked by Chelsea Manning. Prior to leaving office, former President Obama commuted Manning’s sentence, effective later this year.
The group’s mercurial leader, Julian Assange, has most recently made news for WikiLeaks’ release of emails from the Democratic National Committee, Hillary Clinton, and a powerful Democratic operative during last year’s presidential election campaign. The Russian government was allegedly the source of the disclosures, though no definitive proof has yet to emerge publicly.
Now WikiLeaks is making waves again.
In an increasingly interconnected world, the revelations could trigger yet another public debate about privacy in the United States and abroad. That’s because the ubiquitous smartphones around the world are predominantly Google Android and Apple iPhone devices—both of which the CIA’s hacking division can allegedly exploit, according to WikiLeaks.
Google’s Android operating system, which is the software used by several leading smartphone makers, accounts for more than 80-percent of the worldwide market share as opposed to Apple’s 12-percent share.
The documents state that the CIA’s Mobile Devices Branch can deploy attacks “to remotely hack and control popular smartphones.” The person conducting the hack can gain access to the smartphone owner’s geolocation, audio and text communications, and remotely engage the phone’s camera and microphone, the documents suggest.
Included in the dump was information about a program called “Umbrage,” in which the CIA can re-use malicious attacks that originated from other countries, including Russia. If the CIA repurposes such an attack, it can appear as if it were deployed from where it originated, thus misleading investigators.
WikiLeaks said some information, such as email addresses and names, had been redacted prior to publication. The documents cover a three-year period from 2013 to 2016.