WikiLeaks’ huge dump today of 8,000 documents that they say comes from the CIA’s Center for Cyber Intelligence and evidences the extensive efforts they have used to bug everyday technology in our lives to potentially spy on us, has provided some major revelations.
Axios went through and outlined some of the biggest points laid bare by the WikiLeaks dump, “Vault 7, Part One.”
The CIA has turned iPhones, Android devices, Windows operating systems, and Samsung TVs into covert microphones, known as “zero day” weaponized exploits.
“Weeping Angel,” which infests Samsung smart TVs, was developed with the UK’s MI5/BTSS, and turns the TV in a “Fake-Off” mode to route audio over the Internet to a covert CIA server.
The CIA has also developed attacks to remotely control popular smart phones so they send geolocation, audio, and text communications, and activate the phone’s camera and microphone. The CIA either made these attacks or obtained them from the Government Communication Headquarters in the UK, the NSA, or the FBI, or purchased it from arms contractors. (Note, that bypasses the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide, and Cloakroom.)
The CIA has developed malware attacks and control systems for Windows, Mac OS X, Solaris, Linux, and more.
The U.S. Consulate in Frankfurt operates as a covert CIA hacker base, covering Europe, the Middle East, and Africa. WikiLeaks disclosed instructions the CIA hackers use to get through German Customs.
CIA spokesman Jonathan Liu gave a brief comment to the AP about the revelations: “We do not comment on the authenticity or content of purported intelligence documents.”
WikiLeaks outlined why this information is so critical: “Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.”
Another development from this release is that the CIA may have violated the Vulnerability Equities Process that was enacted by former President Barack Obama back in 2014 when they failed to disclose the vulnerabilities to at-risk companies.
Axios noted another huge point from the dump: “And the malware revealed is able to penetrate and control both the Android and iPhone software that runs or has run presidential Twitter accounts. The U.S. made these cyber spying codes unclassified, which means the weapons can be ‘pirated’ easily.”
Former U.S. government hackers and contractors reportedly were the whistleblowers here. They did not have the authority to put out the documents, of course, but the individual who handed the information to WikiLeaks reportedly noted that they did so in order to allow the public to debate whether or not these moves by the CIA are beyond the pale.