This week, WikiLeaks dropped the largest intelligence agency leak in history with the release of 8761 confidential CIA documents, going over the agency’s illicit activities. This is just the beginning too, with Julian Assange claiming there will be a series of additional leaks to follow. At the moment this operation is codenamed ‘Vault 7’ and it reveals a lot about how the CIA operates, with tactics ranging turning smart TVs, smartphones and even game consoles into open microphones and converting Skype conversations into text to be analysed in real time and stored in the cloud.
There is much more to it than that though. By the end of 2016, the CIA’s hacking division carried more than 5000 members and had hoarded the largest cyber attack arsenal in the world, with ‘weaponized malware’, trojans and other hacking systems. This hacking division essentially allowed the CIA to build its own NSA but without nearly the same level of government checks or accountability.
What happened to this huge library of cyber attacks? Well it turns out the CIA lost it. According to WikiLeaks, there are a bunch of CIA-made tools that are now out of the agency’s control, which could essentially allow a user to gain unparalleled access to any computer in the world. However, the organisation won’t be releasing access to any dangerous software until a consensus is reached on how this software should be analysed and disarmed.
The leak is massive so I would encourage those interested to take a look at the Vault 7 WikiLeaks page for themselves. However, some of the highlights include the fact that the CIA’s cyber attack hoarding cost US taxpayers around $100 billion. Plenty of ‘zero day’ risks were discovered for smartphones and operating systems and rather than reporting these to the companies involved for patching, the CIA kept them in their back pocket, essentially leaving a door open for any hacker in the world to exploit.
Some of these attacks were used on private citizens of the US and access to some of these tools were granted to MI5 here in the UK. The CIA is said to have its own coders planted in giant tech companies in order to create their own backdoors from the inside and can leverage a broad range of smart TVs and even Windows PCs to spy on people.
As a final point for now, the CIA also has a tool that can remotely control the chips inside of cars, planes and medical devices, this could effectively be leveraged as a remote assassination tool. The CIA will also sometimes try to cover their tracks by mimicking the hacking protocols of other countries.
KitGuru Says: I thought the NSA leaks were bad but this Vault 7 stuff is really something else. Have any of you guys read up on this much? It’s certainly going to be one of the biggest stories of the year and will no doubt be the subject of much debate.