Date: 2017-03-07
A formidable CIA hacking division has amassed hundreds of tools to control smart phones and TVs, and employed hidden holes in products made by trusted firms such as Apple, Microsoft and Google for espionage purposes without notifying the companies of the vulnerabilities, WikiLeaks said Tuesday.
WikiLeaks released what it said were 8,761 documents taken from the CIA’s Center for Cyber Intelligence in Langley, Va., in what it described as “the largest intelligence publication in history.”
The documents indicate that the CIA has collected “more than a thousand hacking systems, trojans, viruses, and other ‘weaponized’ malware” that allow the agency to seize direct control of devices made by the biggest high-tech firms worldwide. One document indicated that the unit sought to develop ways to commandeer control of self-driving vehicles.
WikiLeaks said the CIA purposefully withheld information from the manufacturers about the vulnerabilities in their systems, undercutting a 2014 pledge by former President Barack Obama to disclose to them vulnerabilities in their systems and devices so they could be patched and made safe.
A CIA spokesman declined to say if the purported leak was real.
“We do not comment on the authenticity or content of purported intelligence documents,” spokesman Jonathan Liu said.
The WikiLeaks documents, which the anti-secrecy group said span from 2013 to 2016, reveal an arsenal of malware and dozens of “zero day” exploits against a wide range of products, including Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung smart televisions, which can have their microphones activated covertly.
A “zero day” is a previously undetected hole or vulnerability in software, and a victim has zero time between discovery of the flaw and possible penetration by an attacker.
Some of the tools would allow the CIA to hack and control popular smart phones, allowing remote operators access to the phone’s location, its audio and text communications and to activate the camera and microphone covertly, perhaps from great distance.
While iPhones comprise only 14.5 percent of the global smart phone market, WikiLeaks said the focus on Apple’s iOS operating system “may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.”
The documents indicate that the CIA controlled 24 different vulnerabilities for Google’s Android operating system, which is used in as many as five out of six smart phones worldwide.
“These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied,” WikiLeaks said.
Several documents reveal deep collaboration between the CIA and Britain’s premier electronic signals intelligence agency, known as GCHQ, as well as a private cybersecurity company, Baitshop, in finding vulnerabilities in the iPhone. Another shows collaboration between the CIA unit and MI5, the British domestic spying agency, in creating “Weeping Angel,” a program to covertly activate the Samsung smart TV microphones.
The CIA hacking tools include ones with other colorful names such as “Brutal Kangaroo,” “Assassin,” “Hammer Drill,” “Swindle” and “Cutthroat.” The leaked documents indicated that the CIA tools could jump into isolated systems unconnected to the internet, maintain network infections after discovery, and hide data in images.
The anti-secrecy organization said it obtained the documents from someone associated with the 5,000 accredited users in the Center for Cyber Intelligence, and said the person objected to the unit’s lack of accountability and duplication of efforts with the National Security Agency, a rival intelligence arm.
“The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber weapons,” WikiLeaks said.
Major U.S. high-tech companies did not offer immediate reaction, but they are likely to feel annoyance that vulnerabilities were kept from them. In 2014, Obama ordered that if any agency wanted to keep a “zero day” vulnerability out of the public eye, it would have to argue its case to an Equities Review Board chaired by the National Security Council.
In other disclosures, the documents show:
• The CIA operated a covert hacker base out of the U.S. consulate in Frankfurt, Germany, traveling throughout Europe from there.
• One hacker unit, known as UMBRAGE, took malware from nations like Russia and adapted it for CIA objectives, with the intent of leaving the cyber “fingerprints” of another nation behind, throwing people off the trail. The technique was used in webcam capture, data destruction, and in escalating through target networks.
The Center for Cyber Intelligence is directly under one of five directorates at the top of the CIA, the Directorate of Digital Innovation, according to an organizational chart.
The CIA reports show the USG developing vulnerabilities in US products, then intentionally keeping the holes open. Reckless beyond words.— Edward Snowden (@Snowden) March 7, 2017
Exiled NSA whistleblower Edward Snowden, in a tweet, described as “reckless beyond words” the CIA practice of finding vulnerabilities in products, then allowing the holes to remain open.
Vince Houghton, a historian and curator at the International Spy Museum in Washington, D.C., said much of the information in the leak was likely dated.
“Even if you pulled CIA programs from six months ago, they might already be obsolete,” said Houghton, who is also an Army veteran who served in the Balkans and worked with intelligence agencies. “The speed at which these cyber programs work, if you haven’t pulled something from yesterday it might already be obsolete.”
WikiLeaks said in a statement that it had redacted 70,875 portions of the released documents, including names, routable Internet Protocol addresses, and specific coding for malware that could be used by criminals or others.
Kevin G. Hall contributed to this report.
