Vault7: What the Wikileaks CIA info-dump means to you

Vault7: What the CIA information Wikileaks has published means to you

Wikileaks appears to have shed a light into how the CIA's hacking division operates

Wednesday, March 8, 2017

So Wikileaks has sent more shockwaves through the intelligence community by releasing a massive trove of information onto the internet. 

Specifically, files from the CIA, which appear to shed light into what their hackers allegedly get up to all the live-long day.

More specifically, the trove details the scope and scale of 'Year Zero', the organisation's online hacking arsenal. 

In the press release, which has been called 'Vault7', the site's founder, Julian Assange, has called it the largest ever publication of confidential documents on America's intelligence nerve-centre. 

The CIA hasn't denied the claims, its spokesman Jonathan Liu saying in an emailed statements "we do not comment on the authenticity or content of purported intelligence documents." Hardly reassuring for those who worry their data might be compromised.

Here's some of what's been claimed by the leak:

1. Hackers at the CIA have spent an awful lot of money on "weaponised malware"

The document, and subsequent analysis on the Wikileaks press release, claims the CIA's hacking arsenal had grown to more than a thousand programmes by the end of 2016.

The organisation has, according to the trove, poured huge amounts of money into hacking systems, trojans, viruses, and other forms of malware. The hacking arsenal comparises several hundred million lines of code.

The notion that our intelligence agencies use malware and other such nefarious channels to hack information isn't exactly new. But, even so, the scope of the arsenal claimed in the WikiLeaks trove makes for alarming reading.

2. All kinds of technology are affected

According to the documents, the hacking tools developed by the CIA target all kinds of technology, from smartphones to trucks. Basically, if you've got something connected to the internet, the CIA can turn it into a covert intelligence device.

In the case of cars and trucks, it is also claimed that the CIA was looking into the prospect of "infecting the vehicle control systems" and allowing hackers to take control, for use in assassinations. 

3. Some of the techniques are seriously sneaky

A number of anecdotal examples of the CIA's hacking technology were revealed in the data dump.

In one such example, codenamed 'Weeping Angel', the CIA and UK spy agency MI5 allegedly developed a 'fake-off' attack against a Samsung-connected internet TV, so the owner thinks it's off when it's actually still running - and able to record conversations in the room.

4. Your phone could be sending your conversations to the CIA

It is claimed in the documents that "Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone."

So basically, your most private, personal and revealing conversations could be being read by American intelligence operatives.

5. A number of the hacking programmes have no fix yet

It is claimed that the CIA has 14 different 'zero-day exploits' - holes in software that have yet to be fixed or even detected by the manufacturer - devoted to Apple iOS products, such as iPhones and iPads.

These vulnerabilities were reportedly withheld from Apple, so they couldn't be fixed.

6. The CIA lost control of its hacking arsenal

According to WikiLeaks, after developing its ridiculously powerful array of hacking tools, the CIA lost control of them. 

The problem is that the hacking tools, according to Wikileaks, can be copied or pirated at little to no cost. And the CIA was unable to classify the cyber-malware, as, if hackers were releasing classified CIA programmes onto the web, they could face prosecution.

This made the programs vulnerable to other hackers, who could freely appropriate the programs. The CIA tried to make its programs obscure, but this wasn't enough.

So now the hacking programmes can be used against the USA by rival state-sponsored hacking teams, and amateurs working in their bedrooms. 

Worrying.