However, a number of IT security experts are cautioning that the information released yesterday does not indicate the CIA has found a way to break the encryption of secure messaging tools or is conducting mass surveillance of people via their TVs and smartphones.
It's also unclear where exactly the cache of documents WikiLeaks is calling "Vault 7" comes from, so it's too early to attribute this leak to an inside agency whistleblower, an outside hacker or a state actor, according to these experts.
In addition, while the leak does reveal the CIA's use of so-called "zero-day" vulnerabilities that haven't yet been discovered or disclosed by software developers, at least some of those vulnerabilities appear to be several years old, which means they may have already been patched or eliminated.
'Genuinely a Big Deal'
Shortly after WikiLeaks announced the Vault 7 release yesterday, former National Security Agency (NSA) contractor and whistleblower Edward Snowden said on Twitter that the leaked documents appear to be legitimate.
"Still working through the publication, but what @Wikileaks has here is genuinely a big deal," tweeted Snowden. "Looks authentic." In 2013, Snowden shared thousands of classified documents with journalists to reveal the widespread extent of intelligence surveillance on U.S. citizens as well as non-citizens.
"There's a lot in here," cybersecurity expert Bruce Schneier wrote yesterday in an analysis on his blog. "The documents say that the CIA -- and other intelligence services -- can bypass Signal, WhatsApp and Telegram. It seems to be by hacking the end-user devices and grabbing the traffic before and after encryption, not by breaking the encryption."
Many of the hacking tools described were redacted by WikiLeaks, which said it was still examining those and might release them later, noted Schneier, who is chief technology officer at Resilient and a fellow on Harvard University's Berkman Klein Center for Internet & Society. "Hopefully we'll get them eventually," he said.
The documents released by WikiLeaks so far don't indicate the CIA can remotely infect and spy on anyone's smartphones or television sets, U.K.-based security analyst Graham Cluley said in a blog post today. Rather, the leaks show the agency can surveil conversations only if it has first been able to gain physical access to a device to install the proper malware.
"If you're worried about the prospect of an intelligence agency breaking into your home in order to plug a malicious USB stick into the back of your Samsung Smart TV then I'd argue you probably should also be worrying that intelligence agencies are breaking into your house full stop," Cluley said.
WikiLeaks: 'More to Come'
Given the volume of information released, which reportedly spans a period from 2013 to 2016, security researchers and others will undoubtedly spend weeks and months analyzing the documents and files made public by WikiLeaks. The organization also indicated that yesterday's leak was just the first of a series it planned to put out.
While WikiLeaks did not give any clues about who provided the Vault 7 data, it noted its source(s) released the information to detail "policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons."
Like other security experts, Robert Graham, CEO of Errata Security, said yesterday that the WikiLeaks revelations don't point to new threats of mass hacking of citizens by the CIA.
"Snowden revealed how the NSA was surveilling all Americans," Graham said. "Nothing like that appears in the CIA dump. It's all legitimate spy stuff (assuming you think spying on foreign adversaries is legitimate)."
Hassan:
Posted: 2017-03-08 @ 3:01pm PT
They need 'physical access to the device'? Are you saying if the CIA (or anyone, for that matter) was able to hack into your device remotely (by, say, hacking a device connected to an unsecured WiFi network) that they wouldn't be able to install malware to read messages sent via Whatsapp or Telegram? I find that hard to believe. But then again, I'm a bit of a novice so I'm not sure. Can someone explain please?
Source: What Does WikiLeaks Release of CIA Hacking Tools Mean for You?
No comments:
Post a Comment