WikiLeaks, Julian Assange’s website that specialises in exposing secrets, released thousands of documents that described internal US Central Intelligence Agency (CIA) discussions on hacking techniques that it used between 2013 and 2016 to circumvent security on electronic devices for spying.
US officials said on Wednesday that CIA contractors were the likely source of the leak. But there is also speculation that Russian hackers were involved, as in the case of the Democratic National Committee email hack during the 2016 US presidential election.
Here’s an overview:
What was revealed about the CIA’s hacking program?
WikiLeaks published documents that it says describe CIA tools for hacking into devices including mobile phones, computers and smart televisions.
How many of the vulnerabilities described in the WikiLeaks documents are still open to exploit by hackers or spies?
There is no definitive answer in the documents, which describe attack techniques but often do not give enough detail for even the device and software vendors to understand fully how their products were targeted and how they can close the security holes.
Software updates have solved many of the flaws but it is unclear how many remain. In a chart of exploits for Apple’s iPhone, the most recent version listed as hackable was iOS 9.2, which was released in late 2015.
How can you hack a TV?
WikiLeaks said it identified a project known as Weeping Angel where US and British intelligence agencies developed ways to take over Samsung smart TVs equipped with microphones, forcing them to record conversations when the device appeared to be turned off. Experts have long said that smart TVs and other Internet-connected devices can be exploited to monitor a target.
Are these revelations new?
While the specific details are new, it is well known in the cyber security community that intelligence agencies are constantly trying to leverage flaws in technology products to conduct espionage.
The documents suggest that the CIA can access information in encrypted messaging apps like WhatsApp and Signal. I thought they were safe from even government spying?
No system is perfect. The documents describe ways to get information in those apps on Android devices, but only after gaining full control of those phones. Reuters has not found evidence in the documents released by WikiLeaks that the CIA had figured out a way to break the encryption in those apps. Essentially, the CIA has found bugs in the operating systems of smartphones that allow it to gather information before it is sent through the encryption process.
Are iPhones also vulnerable?
The documents discuss ways to get into iPhones as well. One appeared to show a list of Apple iOS security flaws purchased by US intelligence agencies so they could gain access to those devices.
What should I do if I’m worried?
Most people do not need to worry about being targeted by intelligence agencies. But these same loopholes can be used by malicious elements as well.
So everybody should stay on top of software patches so all their computers, mobile phones and other connected devices are running software with the latest security updates. Consumers should balance security concerns with their need to use smart devices.
Can the CIA try to make American hacking look like the work of hackers from other countries like Russia?
The CIA has a library of attack code taken from multiple sources and sorted by function, including a program from a Russian criminal kit that permits spyware to survive rebooting and a data-destruction tool lifted from a suspected Iranian operation. One purpose of such a collection is to avoid having to write programs from scratch, while another is to confuse anyone who discovers the malware in action.
The documents released so far do not show that the CIA set out to deceive victims into believing they had been hacked by someone else, but they suggest that the agency was capable of doing so if it wanted.
Is this as big as the leaks from former National Security Agency contractor Edward Snowden?
The Snowden leaks revealed that the NSA was secretly collecting US call metadata on ordinary Americans. The materials released by WikiLeaks on Tuesday did not appear to reveal the existence of any unknown programs. Instead, they supplied details on how US intelligence agencies work to discover and exploit security flaws to conduct espionage.
How damaging is this revelation to US intelligence?
US intelligence officials say the damage is limited because much of what was published is old. A number of the vulnerabilities in smart TVs and other devices have been known for at least two years and many have been patched. The breach was discovered late last year, according to US officials, and most or all of the tools WikiLeaks published are no longer in use.
In addition, they said, unless additional code that would enable users to exploit the leaked material is also published, it would be difficult for other countries, groups, or people to use the leaked material against the United States or its allies.
Are the documents authentic?
Reuters could not immediately verify the contents of the published documents. US officials told Reuters that they believe the documents are authentic. While the CIA has declined to comment, independent cybersecurity experts and former intelligence agency employees who have looked through them say that they appear to be authentic, citing code words used to describe CIA hacking programs.
How did WikiLeaks get the information?
This is unclear. Someone inside the agency may have leaked the information. Or, someone outside may have figured out a way to steal it. US officials told Reuters on Wednesday that contractors were the likely source for the leak.
What have the US government and other governments said in response?
The White House said US President Donald Trump was “extremely concerned” about the CIA security breach that led to the WikiLeaks release.
Germany’s chief federal prosecutor’s office said it would review the WikiLeaks documents, which suggest the CIA ran a hacking hub from the US consulate in Frankfurt, and would launch a formal investigation if warranted.
How Companies Have Reacted
Apple said in a statement that nearly 80 percent of iPhone users run its current iOS software with the latest security patches. "Many of the issues leaked today were already patched in the latest iOS; we will continue work to rapidly address any identified vulnerabilities," Apple said on Tuesday. The statement made no reference to attacks on its computer software.
Google declined to comment, while a Microsoft spokeswoman said: "We're aware of the report and are looking into it."
"This is not an app issue. It is relevant on the level of devices and operating systems like iOS and Android," Telegram stated, adding: "The good news is that for the moment all of this is irrelevant for the majority of Telegram users. If the CIA is not on your back, you shouldn't start worrying just yet."