The whistleblower platform WikiLeaks has published new material that appears to provide fresh insight into the spying practices of the Central Intelligence Agency (CIA). Shortly after 2 p.m. Central European Time, 8,761 documents and files were made available pertaining to systematic CIA infiltration of computers around the world.
According to a WikiLeaks press release, the cache of documents, christened "Vault 7" by organization, provides an overview of the CIA's secret hacking arsenal, including malware, viruses, Trojans and the targeted exploitation of systemic weaknesses, referred to as "Zero Day Exploits" in the parlance. The documents indicate that the tools enable the CIA to breach Apple iPhones, Android devices from Google, Windows computers and even televisions.
The material published by WikiLeaks is from an anonymous source. According to the platform, the material has been circulating among former U.S. government hackers and contractors, which is how it found its way to the whistleblowing platform. According to a WikiLeaks statement, the source hopes the publication of the documents will trigger a debate on how the use of cyberweapons can be democratically legitimized and controlled.
WikiLeaks claims to have spent several months reviewing the documents. In contrast to past data dumps, WikiLeaks edited and redacted parts of the documents prior to publication.
Active in Frankfurt
WikiLeaks says the CIA has its own cyberwar division and that around 200 experts belonging to the division are able to infiltrate computers around the world using tools specifically developed to steal data. The CIA hackers work at the agency's headquarters in Langley, Virginia, WikiLeaks says, but adds that the agency maintains at least one base outside of the United States.
The documents indicate that the CIA hacking experts are also active in the U.S. Consulate General in Frankfurt, Germany, the largest American consulate in the world. According to WikiLeaks documents, the consulate grounds also house a Sensitive Compartmented Information Facility, or SCIF, a building that is only accessible to CIA agents and officers from other U.S. intelligence agencies. These digital spies apparently work independently of each other in the facility so as not to blow their cover.
There are apparent references in the documents to trips taken to Frankfurt by these CIA hacking experts, complete with what passes for humor in the intelligence agency: "Flying Lufthansa: Booze is free so enjoy (within reason)," one of the documents reads. There is advice for ensuring privacy in the recommended hotels: "Do not leave anything electronic or sensitive unattended in your room. (Paranoid, yes but better safe than sorry.)"
One of the tools described in the documents, codename "Weeping Angel," is specifically designed for hacking into Samsung F8000-Series smart televisions. According to the document, CIA agents are able to switch the televisions into "Fake Off," which fools their owners into thinking it has been switched off. But the hackers are nevertheless able to use the TV's microphone and webcam for surveillance purposes.
Critique from Snowden
More broadly, the documents indicate that the CIA does not want to leave cyberspace surveillance completely to the National Security Agency (NSA), which has its own vast collection of spying tools. WikiLeaks writes in its press release that the CIA has, in effect, developed its "own NSA."
It was almost exactly two years ago that then-CIA head John Brennan announced: "We must place our activities and operations in the digital domain at the very center of all our mission endeavors." In his announcement, he said the CIA would redouble its focus on the internet. A short time later, the Intercept revealed that the CIA was trying to spy on iPhones and iPads. The documents now released by WikiLeaks include more such details.
By editing and redacting the documents prior to publication, WikiLeaks has changed its erstwhile publishing practice of dumping files into the internet just as they had been received. This time, the names of CIA agents have been deleted and their email addresses and the IP addresses of their computers have been blacked out. Last year, WikiLeaks had been sharply criticized for not doing so in previous document dumps. None other than NSA whistleblower Edward Snowden, who also spent time working for the CIA, had demanded that WikiLeaks redact documents and files prior to publication.