In one fell swoop, WikiLeaks has provided bittersweet confirmation to conspiracy theorists everywhere that the Central Intelligence Agency (CIA) has the technology to spy on virtually anyone – wherever they may be – by exploiting a sinister web of dirty tricks that can transform innocuous electronic devices into the eyes and ears of the government.
On Tuesday, the whistleblowing organization released “Vault 7,” the code name for a data dump that WikiLeaks calls “the largest ever publication of confidential documents on the agency.”
“The first full part of the series, ‘Year Zero,’ comprises 8,761 documents and files from an isolated, high-security network inside the CIA’s Center for Cyber Security Intelligence in Langley, Virginia,” a WikiLeaks press release stated.
Contained within those thousands of files, which date from 2013 to 2016, is overwhelming evidence that the CIA created “several hundred million lines of code” that allow the agency to covertly transform “Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs” into tools for covert surveillance of unsuspecting targets.
The CIA developed the ability to hack smartphones and force them to transmit “the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.” Even communications within popular messaging apps like WhatsApp, Signal, Telegram, and Confide were harvested before encryption could be applied.
Another insidious discovery contained within the leaks is the CIA’s “Weeping Angel” program, which can infiltrate a person’s smart TV and turn it into a secretive microphone. Samsung TV owners would be tricked into thinking that they had turned off their device, when it had actually been set to a “Fake-Off” mode so that it could be used by the CIA to record conversations in the room and funnel the recordings into a CIA server.
Perhaps the most frightening development in the CIA’s shadow war on consumer goods, though, is its research into “infecting the control systems used by modern cars and trucks.”
“The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations,” WikiLeaks stated. Many have now pointed at this revelation as clear evidence that journalist Michael Hastings – who was writing a piece entitled “Why Democrats Love To Spy On Americans” that involved former CIA Director John Brennan right before he died in suspicious car crash – was actually silenced by the government for his investigative efforts.
After Edward Snowden went public about the NSA’s mass surveillance tactics, the Obama administration promised the U.S. tech industry that it would immediately disclose any vulnerabilities or backdoors it discovered lurking within its products. Instead, the CIA “hoarded” these findings for its own inscrutable purposes, giving it – and any other bad apples who figured out how – the ability to exploit them.
Meanwhile, “the CIA had created, in effect, its ‘own NSA’ with even less accountability” by creative a massive arsenal of “weaponized” code that could carry out the same type of inward surveillance that was ostensibly only supposed to be carried out by the NSA.
While the idea of Big Brother poking his nose into our everyday lives is already unsettling enough, Vault 7 has also shot a gaping hole into the Democratic Party’s pet narrative that Russia was responsible for hacking the 2016 presidential election colluding with President Donald Trump’s campaign.
“The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian federation,” WikiLeaks explained.
That essentially means that the CIA can carry out cyberattacks – like the DNC/Podesta hacks – and then shift the blame onto whomever it so chooses in order to fit the narrative. The UMBRAGE group is capable of using a wide variety of vectors to gain entry into private data troves, all while leaving a virtual trail of bread crumbs that leads back to the CIA’s enemy du jour.
Where did all this information come from? WikiLeaks, which is notably guarded about the identities of its informants, had this to say:
“In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation, and democratic control of cyberweapons.”
In other words, a whistleblower akin to Edward Snowden has somehow managed to funnel the thousands of files contained within Vault 7 to WikiLeaks, which “carefully reviewed the ‘Year Zero’ disclosure and published substantive CIA documentation” without actually leaking the intricate details of these surveillance tools to keep them out of the wrong hands.
The government has not been so careful. “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner,” which means that any number of nefarious individuals could have co-opted “its hacking arsenal including malware, viruses, Trojans, weaponized ‘zero day exploits,’ malware remote control systems and associated documentation” for their own purposes.
Teenagers in their mothers’ basements, hostile foreign nations, hardened criminals – anyone with the technological know-how can make use of a cyberweapon once it is no longer under lock-and-key, WikiLeaks founder Julian Assange warned. In comparison to nuclear armaments, cyberweapons can be nearly as destructive but infinitely more difficult to contain and monitor once produced.
Furthermore, the nature of cybersecurity means that no individual, organization, or government is immune to being exploited, as the sweeping nature of the CIA’s proprietary toolset clearly indicates. Any given entity can spend untold millions of dollars on cyber defenses and still be vulnerable attack, which means that the goal of proper cybersecurity is largely to mitigate risk and minimize losses.
These are unbelievable times that we’re living in. Maybe those folks wearing tinfoil hats are actually onto something.