Records show agency able to spy on smartphones, internet TVs
Shane Harris & Paul Sonne
March 7, 2017
WASHINGTON—WikiLeaks released thousands of documents and files Tuesday that it said exposed tools the Central Intelligence Agency uses to hack smartphones, computer operating systems, messenger applications and internet-connected televisions.
The unauthorized disclosure—the first part of which WikiLeaks said consisted of 8,761 documents and files from the CIA’s Center for Cyber Intelligence—confronts President Donald Trump with a threat from the very organization that leaked documents on his opponent, Democrat Hillary Clinton, during the 2016 presidential campaign.
WikiLeaks named the series of files “Vault 7” and called the unauthorized disclosure the “largest ever publication of confidential documents on the agency,” saying it exposed the malware and exploits the agency amassed to hack smartphones and turn some televisions into covert microphones.
A CIA spokesman declined to comment “on the authenticity or content of purported intelligence documents.”
An intelligence source said some of the information does pertain to tools that the CIA uses to hack computers and other devices. This person said disclosing the information would jeopardize ongoing intelligence-gathering operations and the revelations were far more significant than the leaks of Edward Snowden, a former contractor for the National Security Agency who exposed active surveillance programs in 2013.
Mr. Snowden’s leaks revealed names of programs, companies that assist the NSA in surveillance and in some cases the targets of American spying. But the recent leak purports to contain highly technical details about how surveillance is carried out. That would make them far more revealing and useful to an adversary, this person said.
In one sense, Mr. Snowden provided a briefing book on U.S. surveillance, but the CIA leaks could provide the blueprints.
WikiLeaks said in its statement that it was not publishing such information as computer source code that could be used to replicate the tools it claims to have exposed. But the group left open the possibility of publishing those crucial details if “a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should [sic] analyzed, disarmed and published.”
Mr. Snowden said in a tweet Tuesday, “Still working through the publication, but what @Wikileaks has here is genuinely a big deal. Looks authentic.”
WikiLeaks said the CIA recently “lost control” of the majority of its hacking arsenal. “This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA,” the site said in a statement. “The archive appears to have been circulating among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
The website put out what it called the first installment in a series of planned leaks on Tuesday, calling it “Year Zero.” It said the first installment “introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of U.S. and European company products.”
WikiLeaks said the information on CIA hacking came from an unidentified source who believes the spy agency’s hacking authorities “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.”
Much of what WikiLeaks posted Tuesday appeared to be a kind of internal Wikipedia for U.S. cyber-warfare developers to collaborate, post and access information about available hacking tools. In many instances, WikiLeaks has redacted entries that appear to link to specific executable files. The documents show, for example, what capabilities exist to bypass antivirus software, with a different entry for each antivirus company.
The revelations are sure to fuel an ongoing debate over whether intelligence agencies that discover security flaws in popular technology should disclose them, so that the users can defend themselves from hackers, or keep that information secret for use in intelligence operations.
One document claims that the CIA has discovered numerous ways to hack into versions of Apple’s iOS, the mobile operating system used on iPhones. In general, hacking tools for the iPhone are considered especially valuable because the technology is so widely used, experts said. One particular hacking tool appears to remain on an iPhone even after it has been rebooted, which would make it particularly valuable to an intruder.
“These documents, which appear to be authentic, show that the intelligence community has deliberately maintained vulnerabilities in the most common devices used by hundreds of millions of people,” Ben Wizner, the director of the Speech, Privacy, and Technology Project at the American Civil Liberties Union, said in a statement.
“Those vulnerabilities will be exploited not just by our security agencies, but by hackers and governments around the world. The government has the capacity and obligation to help technology companies fix vulnerabilities as soon as they are discovered,” Mr. Wizner said.
This is the latest high-profile leak of information by WikiLeaks, which last fall published emails stolen from Mrs. Clinton’s campaign chairman, John Podesta. U.S. intelligence agencies concluded that Russian government hackers stole those emails and provided them to WikiLeaks.
WikiLeaks said the documents show the CIA’s ability to bypass the encryption of popular messenger applications, including WhatsApp, Signal, Telegram and Confide, by hacking the smartphones they run on and collecting audio and message traffic before the applications encrypt the user’s texts.
The site said the documents also show how the CIA developed other mobile hacking technologies, including the ability to activate the camera and microphone of a target’s smartphone covertly and surreptitiously retrieve a target’s geolocation, audio and text communications.
WikiLeaks said one of the documents also shows how the CIA developed a program to hack internet-connected televisions in conjunction with British intelligence. The attacks can place Samsung smart TVs in a fake off mode, so the owner believes the television is switched off, while in reality it is functioning as a bug and recording conversations in the room, WikiLeaks said.