WikiLeaks: CIA lost control of a massive arsenal of hacking tools

2017-03-07 21:21
New CIA Director Michael Pompeo. (Manuel Balce Ceneta, AP)

New CIA Director Michael Pompeo. (Manuel Balce Ceneta, AP)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Washington - WikiLeaks on Tuesday published thousands of documents purportedly taken from the Central Intelligence Agency's Centre for Cyber Intelligence, a dramatic release that appears to expose intimate details of America's cyber espionage toolkit.

It was not immediately clear how WikiLeaks obtained the information, which included more than 8 700 documents and files. The CIA tools, if authentic, could undermine the confidence that consumers have in the safety and security of their computers, mobile devices and even smart TVs.

WikiLeaks said the material came from "an isolated, high-security network situated inside the CIA's Centre for Cyber Intelligence in Langley, Virginia".

 It didn't say how the files were removed, such as possibly by a rogue employee, by hacking a federal contractor working for the CIA or breaking into a staging server where such hacking tools might be temporarily stored.

The almost 9 000 documents cover a host of technical topics, including what appears to be a discussion about how to compromise smart televisions and turn them into improvised surveillance devices. WikiLeaks said the data also include details on the agency's efforts to subvert American software products and smartphones, including Apple's iPhone, Google's Android and Microsoft Windows.

The information dump could not immediately be authenticated by The Associated Press, and the CIA declined comment, but WikiLeaks has a long track record of releasing top secret government documents. Experts who've started to sift through the material said that it appeared legitimate and that the release was almost certain to shake the CIA.

Jonathan Liu, a spokesperson for the CIA, said: "We do not comment on the authenticity or content of purported intelligence documents."

WikiLeaks said the archive "appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive."

If the authenticity of the documents is officially confirmed, it would represent yet another catastrophic breach for the US intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material, including hundreds of thousands of documents from the State Department and the Pentagon.

CIA hacking tools

WikiLeaks, which has been dropping cryptic hints about the release for a month, said in a lengthy statement that the CIA had "recently" lost control of a massive arsenal of CIA hacking tools as well as associated documentation.

"There's no question that there's a fire drill going on right now," said Jake Williams, a security expert with Augusta, Georgia-based Rendition Infosec. "It wouldn't surprise me that there are people changing careers - and ending careers - as we speak."

One of the purported CIA malware programs is described in the WikiLeaks documents as a "simple DLL hijacking attempt" that had been tested against Microsoft Windows XP, Vista and 7 operating systems. The technique, which the document called a "Windows FAX DLL injection," introduces computer code that allows an attacker to gain access to a computer process' memory and permissions while at the same time masking the attack.

Williams, who has experience dealing with government hackers, said the voluminous files' extensive references to operation security meant they were almost certainly government-backed. "I can't fathom anyone fabricated that amount of operational security concern," he said. "It rings true to me."

"The only people who are having that conversation are people who are engaging in nation-state-level hacking," he said.

WikiLeaks said its data also included a "substantial library" of digital espionage techniques borrowed from other countries, including Russia.

Bob Ayers, a retired US intelligence official currently working as a security analyst, noted that WikiLeaks has promised to release more CIA documents.

"The damage right now is relatively high level," he said. "The potential for really detailed damage will come in the following releases."

Read more on:    us  |  wikileaks  |  cyber security

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X

Inside News24

 
/News
 

How to get rid of fleas

Before you call in the pricey exterminators, try this DIY approach that promises to get your flea problem under control.

 
 

Paws

12 Cool cat facts
Chocolate can be fatal for dogs
Spider-man star's adorable relationship with his dog
Do you know what you are feeding your dog?
Traffic Alerts
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.