WikiLeaks files expose alleged CIA hacking tools

CIA's tools can break into any kind of operating system, smart device or digital machine

WikiLeaks has claimed the CIA can pretty much hack into any device, even smart TVs, with its range of hacking tools, designed to read and lift data from electronic devices.

The information obtained is "the largest ever publication of confidential documents on the agency," according to a statement released by WikiLeaks.

Advertisement - Article continues below

The first batch to be leaked, dubbed 'Year Zero' is comprised of 8,761 documents and files that reportedly detail how authorities have discovered a way to bypass the encryption in highly secure messaging platforms such as WhatsApp, Telegram and Signal. This is done by accessing the data on devices before encryption is applied on Android and using other methods on the iPhone, Microsoft Windows and even Samsung smart TVs. However, privacy campaigners dispute this claim.

The files were accessed via an internal network inside the CIA's Center for Cyber Intelligence in Langley, Virgina.

The engineering development group (EDG) is responsible for developing, testing and supporting the tools that the CIA uses for this type of surveillance. The EDG sits within the Center for Cyber Intelligence (CCI), which itself is a sub-department of the Directorate for Digital Innovation (DDI), one of the CIA's five major directorates. 

One particular method of surveillance, dubbed "Weeping Angel", was developed by the CIA's embedded devices branch (EDB) and focused on turning Samsung smart TVs into covert microphones. When users think the TV is off, it's actually a 'fake-off' mode that records conversations and send them to a covert CIA server. It is believed that the CIA didn't act alone for this attack and worked in co-operation with MI5/BTSS (British Security Service). 

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

WikiLeaks explained that the agency "lost control" of its hacking weapons, including malware, viruses, trojans, weaponised "zero day" exploits, malware remote control systems and associated documentation. Anyone finding the information could use it to launch a serious attack on anyone. However, the notes don't include the hacking files themselves, merely the information about how the CIA is believed to be using them.

The anonymous source who sent the materials to WikiLeaks is apparently hoping that the documents will trigger a conversation about "whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency," WikiLeaks said. 

"There is an extreme proliferation risk in the development of cyber 'weapons'," said Julian Assange, WikiLeaks editor. "Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.

"But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Read our analysis of the WikiLeaks revelations here.

Picture: Bigstock

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
Visit/software/video-conferencing/355180/zoom-does-not-use-end-to-end-encrypted
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

Visit/security/data-breaches/355173/marriott-hit-by-data-breach-exposing-personal-data-of-52-million
data breaches

Marriott data breach exposes personal data of 5.2 million guests

31 Mar 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/security/privacy/355155/zoom-kills-facebook-integration-after-data-transfer-backlash
privacy

Zoom kills Facebook integration after data transfer backlash

30 Mar 2020